CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0810

Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.osvdb.org/1600
http://www.securityfocus.com/bid/1782
https://exchange.xforce.ibmcloud.com/vulnerabilities/5371
http://www.osvdb.org/1600
http://www.securityfocus.com/bid/1782
https://exchange.xforce.ibmcloud.com/vulnerabilities/5371

Products affected by CVE-2000-0810

Cgi Script Center » Auction Weaver » Version: 1.0

cpe:2.3:a:cgi_script_center:auction_weaver:1.0
Cgi Script Center » Auction Weaver » Version: 1.01

cpe:2.3:a:cgi_script_center:auction_weaver:1.01
Cgi Script Center » Auction Weaver » Version: 1.02

cpe:2.3:a:cgi_script_center:auction_weaver:1.02
Cgi Script Center » Auction Weaver » Version: 1.03

cpe:2.3:a:cgi_script_center:auction_weaver:1.03
Cgi Script Center » Auction Weaver » Version: 1.04

cpe:2.3:a:cgi_script_center:auction_weaver:1.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0810

Products

Pricing

Contact Us