Vulnerabilities > CVE-2000-0811 - Unspecified vulnerability in CGI Script Center Auction Weaver
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/23375/auction.weaver.txt |
id | PACKETSTORM:23375 |
last seen | 2016-12-05 |
published | 2000-10-19 |
reporter | mitre.org |
source | https://packetstormsecurity.com/files/23375/auction.weaver.txt.html |
title | auction.weaver.txt |