Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cgi script center vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0811
Auction Weaver 1.0 up to and including 1.04 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
Cgi Script Center Auction Weaver 1.03
Cgi Script Center Auction Weaver 1.04
Cgi Script Center Auction Weaver 1.0
Cgi Script Center Auction Weaver 1.01
Cgi Script Center Auction Weaver 1.02
NA
CVE-2000-0810
Auction Weaver 1.0 up to and including 1.04 does not properly validate the names of form fields, which allows remote malicious users to delete arbitrary files and directories via a .. (dot dot) attack.
Cgi Script Center Auction Weaver 1.03
Cgi Script Center Auction Weaver 1.04
Cgi Script Center Auction Weaver 1.0
Cgi Script Center Auction Weaver 1.01
Cgi Script Center Auction Weaver 1.02
NA
CVE-2000-0689
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote malicious users to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
Cgi Script Center Account Manager Lite 1.0
Cgi Script Center Account Manager Pro 1.0
2 EDB exploits
NA
CVE-2000-0690
Auction Weaver CGI script 1.02 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the fromfile parameter.
Cgi Script Center Auction Weaver 1.02
Cgi Script Center Auction Weaver 1.0
1 EDB exploit
NA
CVE-2001-0086
CGI Script Center Subscribe Me LITE 2.0 and previous versions allows remote malicious users to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.
Cgi Script Center Subscribe Me Lite 1.0
Cgi Script Center Subscribe Me Lite 2.0
NA
CVE-2000-0686
Auction Weaver CGI script 1.03 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
Cgi Script Center Auction Weaver
NA
CVE-2000-0687
Auction Weaver CGI script 1.03 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
Cgi Script Center Auction Weaver
9.8
CVSSv3
CVE-2000-0944
CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote malicious users to modify the password without knowing the original password.
Cgi Script Center News Update 1.1
1 EDB exploit
NA
CVE-2000-0688
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote malicious users to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
Cgi Script Center Subscribe Me Lite 2.0
2 EDB exploits
8.1
CVSSv3
CVE-2016-5385
PHP up to and including 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirec...
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.2
Oracle Communications User Data Repository 10.0.1
Oracle Linux 6
Oracle Linux 7
Oracle Communications User Data Repository 12.0.0
Oracle Communications User Data Repository 10.0.0
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Hp Storeever Msl6480 Tape Library Firmware
Hp System Management Homepage
Php Php
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Opensuse Leap 42.1
Drupal Drupal
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »