CVE-2000-0187

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Feb 27, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0187 is a vulnerability affecting the EZShopper 3.0 loadpage.cgi CGI script. This issue allows remote attackers to read arbitrary files or execute commands by exploiting the script's failure to properly handle ".." (dot dot) commands. The vulnerability can potentially lead to information disclosure or even system compromise. Attackers can take advantage of this weakness by manipulating the script's input to gain unauthorized access to sensitive data or execute malicious code. The vulnerability poses a significant risk for systems running this outdated version of the EZShopper application.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlWPD
https://www.cve.org/CVERecord?id=CVE-2000-0187
https://nvd.nist.gov/vuln/detail/CVE-2000-0187

Back to Vulnerability Database

CVE-2000-0187

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations