CVE-2001-0938 — MEDIUM severity vulnerability (Directory traversal vulnerability in AspUpload 2.1, in certa)
Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
| CVE ID | CVE-2001-0938 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 6.4 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2001-11-30 |
| Last modified | 2026-04-16 |
| Description | Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →