Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-1138. PoCs published by Steve Shepherd.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in Power Up HTML's CGI script (r.cgi) that allows arbitrary file access via ../ sequences. No actual exploit code is provided, only a URL example demonstrating the vulnerability.
Description
Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter.
Exploits (1)
The exploit describes a directory traversal vulnerability in Power Up HTML's CGI script (r.cgi) that allows arbitrary file access via ../ sequences. No actual exploit code is provided, only a URL example demonstrating the vulnerability.