Description

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.

Remediation

References

CVE-1999-1375

Related Vulnerabilities

WordPress Plugin Easy Pixels Unspecified Vulnerability (1.8.2)

ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-7658)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-3141)

Mibew Messenger Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0829)

WordPress Plugin Conditional Payments for WooCommerce Cross-Site Request Forgery (2.3.1)

Severity

Medium

Classification

CVE-1999-1375

Tags

Missing Update Known Vulnerabilities