Vulnerabilities > CVE-2000-0811 - Unspecified vulnerability in CGI Script Center Auction Weaver

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

NVD

Published: 2000-12-19

Updated: 2018-05-03

Summary

Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.

Part	Description	Count
Application	Cgi_Script_Center CGI Script Center Auction Weaver 1.0 CGI Script Center Auction Weaver 1.01 CGI Script Center Auction Weaver 1.02 CGI Script Center Auction Weaver 1.03 CGI Script Center Auction Weaver 1.04	5

data source	https://packetstormsecurity.com/files/download/23375/auction.weaver.txt
id	PACKETSTORM:23375
last seen	2016-12-05
published	2000-10-19
reporter	mitre.org
source	https://packetstormsecurity.com/files/23375/auction.weaver.txt.html
title	auction.weaver.txt