Vulnerabilities > CVE-2000-0686 - Directory Traversal vulnerability in CGI Script Center Auction Weaver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/23375/auction.weaver.txt |
id | PACKETSTORM:23375 |
last seen | 2016-12-05 |
published | 2000-10-19 |
reporter | mitre.org |
source | https://packetstormsecurity.com/files/23375/auction.weaver.txt.html |
title | auction.weaver.txt |