Lucene search

[email protected]CVE-2000-0690

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0690

2000-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0690

auction weaver cgi

shell metacharacters

remote attack

nvd

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.037 Low

EPSS

Percentile

91.6%

JSON

Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.

CPENameOperatorVersion
cgi_script_center:auction_weavercgi script center auction weavereq1.0
cgi_script_center:auction_weavercgi script center auction weavereq1.02

CPE	Name	Operator	Version
cgi_script_center:auction_weaver	cgi script center auction weaver	eq	1.0
cgi_script_center:auction_weaver	cgi script center auction weaver	eq	1.02

References

archives.neohapsis.com/archives/bugtraq/2000-08/0370.html

archives.neohapsis.com/archives/bugtraq/2000-08/0452.html

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.037 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2000-0690

packetstorm1