Mnscu Pals » Webpals : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.
Max CVSS
5.0
EPSS Score
3.14%
Published
2001-06-02
Updated
2017-07-11
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.
Max CVSS
7.5
EPSS Score
2.64%
Published
2001-06-02
Updated
2017-07-11
2 vulnerabilities found