Vulnerabilities

CVE-2002-1087

by Fred · 31/08/2002

The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.

Date published : 2002-08-31

http://online.securityfocus.com/archive/1/284229

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0040.html

Related

Tags: Cybersecurity Alert