exploitDog

CVE-2000-1005

Опубликовано: 11 дек. 2000

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.

Ссылки

http://www.securityfocus.com/archive/1/138495
http://www.securityfocus.com/bid/1774
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5347
http://www.securityfocus.com/archive/1/138495
http://www.securityfocus.com/bid/1774
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5347

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:extropia:extropia_webstore:1.0:*:*:*:*:*:*:*

cpe:2.3:a:extropia:extropia_webstore:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.06201

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vc22-9p26-2j2g

github

больше 3 лет назад

Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.

EPSS

Процентиль: 90%

0.06201

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other