CVE-2003-1298

Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot).

Published: Dec 31, 2003
Updated: Nov 9, 2025
CVE: CVE-2003-1298
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
anyportal_php / anyportal_php	0.1	0.1.x

http://nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152
http://secunia.com/advisories/19359
http://www.osvdb.org/23984
http://www.securityfocus.com/bid/17197
http://www.vupen.com/english/advisories/2006/1053
https://exchange.xforce.ibmcloud.com/vulnerabilities/25396

Vulnerability Database

CVE-2003-1298

Deep Security Visibility Without the Complexity