cbcvebase.

Cgi Script Center Auction Weaver vulnerabilities

5 known vulnerabilities affecting cgi_script_center/auction_weaver.

Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2000-0690P3CRITICALCVSS 10.0PoCv1.0v1.022000-10-20
CVE-2000-0690 [CRITICAL] CVE-2000-0690: Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
nvd
CVE-2000-0687P4CRITICALCVSS 10.0≤ 1.022000-10-20
CVE-2000-0687 [CRITICAL] CVE-2000-0687: Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
nvd
CVE-2000-0810P4HIGHCVSS 7.5v1.0v1.01+3 more2000-12-19
CVE-2000-0810 [HIGH] CVE-2000-0810: Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows re Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
nvd
CVE-2000-0811P4MEDIUMCVSS 5.0v1.0v1.01+3 more2000-12-19
CVE-2000-0811 [MEDIUM] CVE-2000-0811: Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) a Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
nvd
CVE-2000-0686P4MEDIUMCVSS 5.0≤ 1.022000-10-20
CVE-2000-0686 [MEDIUM] CVE-2000-0686: Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
nvd
Cgi Script Center Auction Weaver vulnerabilities | cvebase