Vulnerabilities > CVE-2000-0687 - Directory Traversal vulnerability in CGI Script Center Auction Weaver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/23375/auction.weaver.txt |
id | PACKETSTORM:23375 |
last seen | 2016-12-05 |
published | 2000-10-19 |
reporter | mitre.org |
source | https://packetstormsecurity.com/files/23375/auction.weaver.txt.html |
title | auction.weaver.txt |