Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2000-12-19 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-0811
Mitre link : CVE-2000-0811
CVE.ORG link : CVE-2000-0811
JSON object : View
Products Affected
cgi_script_center
- auction_weaver
CWE