CVE-2002-1449 Information

Description

eUpload 1.0 stores the password.txt password file in plaintext under the web document root which allows remote attackers to overwrite arbitrary files by reading password.txt.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-07/0412.html http://www.iss.net/security_center/static/9733.php http://www.securityfocus.com/bid/5369