Alex Heiphetz Group Ezshopper : Security vulnerabilities, CVEs

Copy

CVE-2000-1092

loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter.

Max CVSS

5.0

EPSS Score

2.22%

Published

2001-01-09

Updated

2017-12-19

CVE-2000-0188

EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

Max CVSS

7.5

EPSS Score

0.27%

Published

2000-02-27

Updated

2008-09-10

CVE-2000-0187

EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

Max CVSS

7.5

EPSS Score

1.45%

Published

2000-02-27

Updated

2008-09-10

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!