CVE-2000-0811 in Auction Weaverinfo

Summary

Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Disclosure

Moderation

VulDB entry created

Entries

CPE

CWE

CWE-22 (Confirmed)

CVSS

EPSS

Activities

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2000-0811
NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-0811
CVE Details	https://www.cvedetails.com/cve/CVE-2000-0811/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!