QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0998

Published: Aug 31, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.care2x.com/modul.php?thispage=headlines&m_titel=NEWS&m_item=Headlines&lang=en

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

care2002-include-read-files(9552)

vdb-entry

x_refsource_XF

20020712 Several problems in CARE 2002

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.