← CVECheck
HomeVulnerabilities

CVE-2001-1020 — HIGH severity vulnerability (edit_image.php in Vibechild Directory Manager before 0.91 al)

edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function.

CVE IDCVE-2001-1020
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-09-05
Last modified2026-04-16
Descriptionedit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →