CVE-2001-0680

QPC Software Avt Term - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command.

Exploits (1)

nomisec WRITEUP

by alt3kx · poc

https://github.com/alt3kx/CVE-2001-0680

View Code ZIP pw:eip

References (6)

[Exploit, Vendor Advisory] http://www.securityfocus.com/archive/1/176712

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/216555

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/2618

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6375

[Third Party Advisory, VDB Entry] http://www.osvdb.org/1794

[Third Party Advisory, VDB Entry] http://www.osvdb.org/4050

Scores

EPSS 0.8317

EPSS Percentile 99.3%

Details

Status published

Products (3)

qpc_software/avt_term 5.0

qpc_software/qvt_net 4.0

qpc_software/qvt_net 5.0

Published Sep 20, 2001

Tracked Since Feb 18, 2026