CVE-2002-0196: CVE-2002-0196

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0196

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

CwpApi.php GetRelativePath()返回相对路径漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

CwpApi(Comprehensive Web Programming API )是一个提供给网站开发人员的编程接口。用PHP实现，支持模板、配置文件、基于DSN的数据库管理并和语种无关。 CwpApi某些函数的实现上存在问题，在某种很特殊的情况下，可能使攻击者访问到Web目录以外的文件。 CwpApi的GetRelativePath()只检查路径中是否包含了Web的主目录，而不是检查目录是不是在Web主目录之下，因此如果Web的主目录为"/var/www"，则"/etc/var/www/myfile.

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-0196

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-0196

Please Login to view more intelligence information

http://sourceforge.net/forum/forum.php?forum_id=144966x_refsource_CONFIRM
http://www.securityfocus.com/bid/3924vdb-entryx_refsource_BID
http://www.iss.net/security_center/static/7981.phpvdb-entryx_refsource_XF
http://online.securityfocus.com/archive/1/251699mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2002-0196

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2002-0196

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2002-0196

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-0196

III. Intelligence Information for CVE-2002-0196

IV. Related Vulnerabilities

V. Comments for CVE-2002-0196

Leave a comment