CVE-2000-0634
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2000-0638
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter...
CVE-2000-0660
The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2000-0664
AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots...
CVE-2000-0705
ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2000-0767
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability...
CVE-2000-0634
The CVE-2000-0634 entry concerns the web administration interface of CommuniGate Pro 3.2.5 and earlier, where an attacker can read arbitrary files via a directory traversal (.. path) vector. The underlying issue is a dot-dot traversal vulnerability in the web admin interface that permits reading ...
Security Advisory: FreeBSD-SA-00:54.fingerd
FreeBSD-SA-00:54 Security Advisory, FreeBSD, Inc. Topic: fingerd allows remote reading of filesystem. Category: core. Module: fingerd. Announced: 2000-10-13. Credits: NIIMI Satoshi...
Pegasus mail file reading vulnerability
SUMMARY: The default setup of Pegasus Mail contains a remotely exploitable security hole that allows a remote website to gain copies of files on the user's hard drive. DETAILS: Version tested: Pegasus Mail v3.12c with IE5.0. When the webpage containing the exploit code is viewed using IE5, Pegasus ma...
CVE-2000-0687
CVE-2000-0687 affects Auction Weaver CGI script LITE (1.0–1.04). A directory traversal flaw in the catdir parameter allows remote attackers to read arbitrary files. The vulnerability is remotely exploitable and was reported for UNIX and Windows NT platforms. The issue arises in versions 1.0 throu...
CVE-2000-0686
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter...
CVE-2000-0785
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file...
Hole plugged in IIS
One of the service scripts goes into an infinite loop when one of its arguments is missing. In addition, another way has been found to read part of a file via .HTR files: append "+.htr" to the file name...
CVE-2000-0174
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2000-0526
MailStudio 2000 (mailview.cgi) 2.0 and earlier is affected by CVE-2000-0526 via a directory traversal (..) attack that allows remote attackers to read arbitrary files. The vulnerability targets the mailview.cgi CGI program and results in partial confidentiality impact. The provided documents do ...
CVE-2000-0261
The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack...
CVE-2000-0412
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file...
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability...