CVE-2002-1600

CVE-2002-1600 describes a directory traversal vulnerability in Mike Spice’s My Classifieds (classifieds.cgi) prior to version 1.3. The flaw enables remote attackers to overwrite arbitrary files via the category parameter, indicating insufficient input validation/sanitization in the CGI handling o...

CVE-1999-0935

Affected software: classifieds.cgi CGI script. Vulnerability: remote command execution by specifying arbitrary commands in a hidden CGI form variable. Root cause: implied lack of proper handling/sanitization of hidden form data (as described in PT-1999-1476 and CVE description). Impact: arbitrary...

CVE-1999-0934

CVE-1999-0934 affects the classifieds.cgi CGI script. The vulnerability arises from insufficient input filtering, allowing remote attackers to read arbitrary files on the Web server by injecting shell metacharacters, effectively executing commands via the httpd process. Impact note: read-access t...

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter

Greg Matthews - Classifieds.cgi 1.0 MetaCharacter source: https://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to read files ...