Vulnerabilities > CVE-2000-1005 - Unspecified vulnerability in Extropia Webstore 1.0/2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Extropia WebStore 1.0/2.0 Directory Traversal Vulnerability. CVE-2000-1005. Remote exploit for cgi platform |
id | EDB-ID:20279 |
last seen | 2016-02-02 |
modified | 2000-10-09 |
published | 2000-10-09 |
reporter | f0bic |
source | https://www.exploit-db.com/download/20279/ |
title | extropia webstore 1.0/2.0 - Directory Traversal Vulnerability |
Nessus
NASL family | CGI abuses |
NASL id | HTTP_WEBSTORE.NASL |
description | The remote web server is hosting eXtropia WebStore, a shopping cart application. The installed version allows an attacker to read arbitrary files via a .. (dot dot) attack on the page parameter. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10532 |
published | 2000-10-10 |
reporter | This script is Copyright (C) 2000-2018 Thomas Reinke |
source | https://www.tenable.com/plugins/nessus/10532 |
title | eXtropia Web Store web_store.cgi Traversal Arbitrary File Access |
code |
|