Vulnerability Details CVE-2000-0282
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.088
EPSS Ranking 92.1%
CVSS Severity
CVSS v2 Score 5.0
References
- ftp://ftp.talentsoft.com/Download/Webplus/Unix/Patches/Webplus46p%20Read%20me.html
- http://archives.neohapsis.com/archives/bugtraq/2000-04/0050.html
- http://www.securityfocus.com/bid/1102
- ftp://ftp.talentsoft.com/Download/Webplus/Unix/Patches/Webplus46p%20Read%20me.html
- http://archives.neohapsis.com/archives/bugtraq/2000-04/0050.html
- http://www.securityfocus.com/bid/1102
Products affected by CVE-2000-0282
-
cpe:2.3:a:talentsoft:web+:4