• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20011012 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20011012)
Votes (Legacy)
MODIFY(1) Frech
NOOP(5) Armstrong, Christey, Cole, Foat, Wall
Comments (Legacy)
 Frech> XF:directory-pro-directory-traversal(6632)
   All references point to CGI with the name of
   directorypro.cgi, not cosmicpro.cgi as listed in description.
 Christey> Not sure how cosmicpro.cgi got in there.  It should be
   directorypro.cgi as indicated by Andre.

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.