GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.
Metrics
Affected Vendors & Products
References
History
No history.
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-25T04:00:00
Updated: 2024-08-08T02:42:28.488Z
Reserved: 2002-05-01T00:00:00
Link: CVE-2002-0196
![cve-icon](/static/img/cisa-icon.png)
No data.
![cve-icon](/static/img/nvd-icon.png)
Status : Modified
Published: 2002-05-16T04:00:00.000
Modified: 2024-11-20T23:38:31.500
Link: CVE-2002-0196
![cve-icon](/static/img/redhat-icon.png)
No data.