Vulnerabilities > CVE-2000-0287 - Unspecified vulnerability in CNC Technology Bizdb 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | CNC Technology BizDB 1.0 bizdb-search.cgi Remote Command Execution Vulnerability. CVE-2000-0287. Remote exploit for cgi platform |
id | EDB-ID:19844 |
last seen | 2016-02-02 |
modified | 2000-04-13 |
published | 2000-04-13 |
reporter | PErfecto Technology |
source | https://www.exploit-db.com/download/19844/ |
title | CNC Technology BizDB 1.0 bizdb-search.cgi Remote Command Execution Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | BIZDB1_SEARCH.NASL |
description | BizDB is a web database integration product using Perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10383 |
published | 2000-04-26 |
reporter | This script is Copyright (C) 2000-2018 Roelof Temmingh <[email protected]> |
source | https://www.tenable.com/plugins/nessus/10383 |
title | BizDB bizdb-search.cgi Arbitrary Command Execution |
code |
|