CVE-2001-0123
eXtropia bbs_forum.cgi 1.0 - Directory Traversal via File Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0123. PoCs published by scott.
AI-analyzed exploit summary This exploit leverages a directory traversal and command injection vulnerability in bbs_forum.cgi version 1.0 due to improper validation of the 'read' parameter. It allows arbitrary file reading and command execution with webserver privileges.
Description
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter.
Exploits (1)
This exploit leverages a directory traversal and command injection vulnerability in bbs_forum.cgi version 1.0 due to improper validation of the 'read' parameter. It allows arbitrary file reading and command execution with webserver privileges.