Vulnerability Details CVE-2000-0922
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.052
EPSS Ranking 89.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html
- http://www.securityfocus.com/bid/1776
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5351
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html
- http://www.securityfocus.com/bid/1776
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5351
Products affected by CVE-2000-0922
-
cpe:2.3:a:bytes_interactive:web_shopper:1.0
-
cpe:2.3:a:bytes_interactive:web_shopper:2.0