Description
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6843
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/4.3.2.7.2.20010715184257.00b20100%40compumodel.com
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/683
Patch, Vendor Advisory x_refsource_confirm
http://www.valeriemates.com/story_download.html
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3028
Scores
EPSS
0.0828
EPSS Percentile
92.3%
Details
Status
published
Products (1)
valerie_mates/interactive_story
1.3
Published
Dec 06, 2001
Tracked Since
Feb 18, 2026