Description

FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.

Remediation

References

CVE-1999-1375

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42043)

Apache Tomcat CVE-2018-1304 Vulnerability (CVE-2018-1304)

WordPress Plugin Another WordPress Classifieds Cross-Site Scripting (3.3.1)

WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.8)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7950)

Severity

Medium

Classification

CVE-1999-1375

Tags

Missing Update Known Vulnerabilities