3 matches found
CVE-2000-1171
The CVE-2000-1171 issue affects CGIForum 1.0’s cgiforum.pl (thesection parameter) where insufficient input validation allows directory traversal. An attacker can craft a URL (e.g., ?thesection=../../../../etc/passwd) to access files on the web server, with the accessible scope limited by the web ...
cgiforum-1.0.txt
Hi, Date: 2000/11/20 Affected Application: CGIForum 1.0 http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.0.tar.gz Markus Triska CGIForum is a free forum. We can set 'thesection' parameter to view files on the vulnerable system with privileges of the user "nobody". This is caused from...
CGIForum 1.0 Vulnerability
Hi, Date: 2000/11/20 Affected Application: CGIForum 1.0 http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.0.tar.gz Markus Triska [email protected] CGIForum is a free forum. We can set 'thesection' parameter to view files on the vulnerable system with privileges of the user "nobody". This is...