Filtered by vendor Mnscu Pals Subscriptions
Filtered by product Webpals Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0217 1 Mnscu Pals 1 Webpals 2024-11-20 N/A
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.
CVE-2001-0216 1 Mnscu Pals 1 Webpals 2024-11-20 N/A
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.