IDCVSSSummaryLast (major) updatePublished
CVE-2000-0686 5.0
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
05-09-2008 - 20:21 20-10-2000 - 04:00
CVE-2000-0687 10.0
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
05-09-2008 - 20:21 20-10-2000 - 04:00
CVE-2000-0810 7.5
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
03-05-2018 - 01:29 19-12-2000 - 05:00
CVE-2000-0811 5.0
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
03-05-2018 - 01:29 19-12-2000 - 05:00
CVE-2000-0690 10.0
Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
10-09-2008 - 19:05 20-10-2000 - 04:00
Back to Top Mark selected
Back to Top