• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20011012 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20011012)
Votes (Legacy)
MODIFY(1) Frech
NOOP(5) Armstrong, Christey, Cole, Foat, Wall
Comments (Legacy)
 Frech> XF:directory-pro-directory-traversal(6632)
   All references point to CGI with the name of
   directorypro.cgi, not cosmicpro.cgi as listed in description.
 Christey> Not sure how cosmicpro.cgi got in there.  It should be
   directorypro.cgi as indicated by Andre.

Proposed (Legacy)
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.