← CVECheck
HomeVulnerabilities

CVE-2001-0938 — MEDIUM severity vulnerability (Directory traversal vulnerability in AspUpload 2.1, in certa)

Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.

CVE IDCVE-2001-0938
SeverityMEDIUM
CVSS score6.4
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:N
CWENVD-CWE-Other
StatusModified
Published2001-11-30
Last modified2026-04-16
DescriptionDirectory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →