CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2000(Directory Traversal)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2000-1229 Dir. Trav. 2000-12-31 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.
2 CVE-2000-1075 Dir. Trav. 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
3 CVE-2000-1051 Dir. Trav. 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet.
4 CVE-2000-1048 Dir. Trav. 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL.
5 CVE-2000-1036 Dir. Trav. 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter.
6 CVE-2000-1005 Dir. Trav. 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
7 CVE-2000-0992 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
8 CVE-2000-0975 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack.
9 CVE-2000-0940 Dir. Trav. 2000-12-19 2008-09-05
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter.
10 CVE-2000-0924 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.
11 CVE-2000-0922 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.
12 CVE-2000-0921 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
13 CVE-2000-0920 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
14 CVE-2000-0919 Dir. Trav. 2000-12-19 2013-08-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
15 CVE-2000-0906 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters.
16 CVE-2000-0903 Dir. Trav. 2000-12-19 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
17 CVE-2000-0900 Dir. Trav. 2000-12-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
18 CVE-2000-0773 Dir. Trav. 2000-10-20 2008-09-05
5.0
None Remote Low Not required Partial None None
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.
19 CVE-2000-0739 Dir. Trav. 2000-10-20 2008-09-05
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
20 CVE-2000-0731 Dir. Trav. 2000-10-20 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Total number of vulnerabilities : 20   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.