Unrated severityNVD Advisory· Published Aug 14, 2001· Updated Apr 16, 2026

CVE-2001-0555

Description

ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet.

Affected products

Screaming Media/Siteware
cpe:2.3:a:screaming_media:siteware:*:*:*:*:*:*:*:*
Range: <=3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www01.screamingmedia.com/en/security/sms1001.phpnvdExploitPatchVendor Advisory
archives.neohapsis.com/archives/bugtraq/2001-06/0165.htmlnvdVendor Advisory
archives.neohapsis.com/archives/bugtraq/2001-06/0166.htmlnvdVendor Advisory
www.kb.cert.org/vuls/id/795707nvdUS Government Resource
www.osvdb.org/13887nvd
www.securityfocus.com/bid/2869nvd
exchange.xforce.ibmcloud.com/vulnerabilities/6689nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000