AspUpload Multiple Script File Upload / Directory Traversal

high Nessus Network Monitor Plugin ID 1714

Synopsis

The AspUpload software resides on this server.

Description

The AspUpload software resides on this server. Some versions of this software are vulnerable to remote exploit.

Solution

No solution is known at this time.

See Also

http://marc.info/?l=bugtraq&m=100715294425985&w=2

http://www.aspupload.com

Plugin Details

Severity: High

ID: 1714

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 11746

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:persits:aspupload

Reference Information

CVE: CVE-2001-0938

BID: 3608