Lucene search

[email protected]CVE-2001-0992

HistorySep 05, 2001 - 4:00 a.m.

CVE-2001-0992

2001-09-0504:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0992

shopplus

shopping cart

remote attack

command execution

nvd

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.2%

JSON

shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the “file” parameter.

CPENameOperatorVersion
kabotie_software_technologies:shopplus_cartkabotie software technologies shopplus carteq*

CPE	Name	Operator	Version
kabotie_software_technologies:shopplus_cart	kabotie software technologies shopplus cart	eq	*

References

archives.neohapsis.com/archives/bugtraq/2001-09/0012.html

exchange.xforce.ibmcloud.com/vulnerabilities/7077

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2001-0992

openvas1