Lucene search

[email protected]CVE-2000-1223

HistoryNov 20, 2000 - 5:00 a.m.

CVE-2000-1223

2000-11-2005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

quikstore

cve-2000-1223

http get request

remote execution

shell metacharacters

nvd

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.1%

JSON

quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.

CPENameOperatorVersion
i-soft:quikstorei-soft quikstoreeq*

CPE	Name	Operator	Version
i-soft:quikstore	i-soft quikstore	eq	*

References

www.kb.cert.org/vuls/id/671444

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

54.1%

JSON