187 matches found
CVE-2001-0074
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. dot dot attack in the board parameter...
CVE-2001-0074
CVE-2001-0074 is a directory traversal vulnerability in print.cgi of Technote that allows remote attackers to read arbitrary files via a .. path in the board parameter. The issue arises from unvalidated path handling in the CGI script, enabling partial confidentiality impact. Public references de...
CVE-2001-0074
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. dot dot attack in the board parameter...
CVE-2000-0811
CVE-2000-0811 affects Auction Weaver 1.0–1.04 (Auction Weaver LITE) and stems from improper validation of directory traversal strings (..), enabling remote attackers to read arbitrary files through the username or bidfile fields. Affected products include CGI Script Center’s Auction Weaver LITE r...
CVE-2000-0900
Summary: CVE-2000-0900 affects thttpd’s built-in ssi CGI when used with versions 2.19 and earlier. A remote attacker can exploit a directory traversal flaw by using encoded path sequences (e.g., %2e%2e) to read arbitrary files via the ssi handler. The issue is identical to an encoded traversal vu...
CVE-2000-1005
The CVE-2000-1005 entry concerns directory traversal in eXtropia WebStore CGI scripts (html_web_store.cgi and web_store.cgi). An attacker can read arbitrary files by supplying a .. (dot dot) path in the page parameter, enabling remote file disclosure. The vulnerability is evidenced by multiple so...
CVE-2000-0810
Auction Weaver (LITE) versions 1.0–1.04 suffer a form-field name validation flaw that allows remote attackers to delete arbitrary files and directories via a dot-dot path traversal. The underlying issue is improper validation of input names, enabling remote exploitation without authentication. Im...
CVE-2000-0853
YaBB Bulletin Board vulnerability (CVE-2000-0853) affects YaBB.pl: an input validation flaw in the file parameter (num) allows remote attackers to read arbitrary server files via path traversal (e.g., ../../../../../../../../etc/passwd%00) and the .txt suffix handling. This enables reading files ...
CVE-2000-0565
The CVE-2000-0565 entry affects SmartFTP Daemon 0.2 and describes a local-privilege issue where an attacker can access arbitrary files by uploading and specifying an alternate user configuration file through a .. path traversal. The underlying cause is a dot-dot (../) traversal during file handli...
CVE-2000-0853
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-2000-0900
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. dot dot attack...
CVE-2000-0810
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. dot dot attack...
CVE-2000-1101
Directory traversal vulnerability in Winsock FTPd WFTPD 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. dot dot attack...
CVE-2000-1176
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. dot dot attack in the "catsearch" form field...
CVE-2000-0811
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. dot dot attack on the username or bidfile form fields...
DEBIAN-CVE-2000-0992
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. dot dot attack...
CVE-2000-0992
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. dot dot attack...
PT-2000-1902 · Openssh +1 · Sshd +1
Name of the Vulnerable Software and Affected Versions: sshd versions 1.2.xx Description: A directory traversal issue in the scp component of sshd allows a remote malicious scp server to overwrite arbitrary files using a .. dot dot attack. Recommendations: For sshd versions 1.2.xx, consider...
CVE-2000-1075
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. dot dot attack in the Agent, End Entity, or Administrator services...
CVE-2000-0902
CVE-2000-0902 affects PhotoAlbum (getalbum.php) prior to version 0.9.9. The vulnerability allows remote attackers to read arbitrary files via a directory traversal (..). NVD lists a CVSSv2 base score of 5.0 (Medium) with partial confidentiality impact; no exploitation details or patch information...