WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares. Date published : 2001-01-22 http://www.securityfocus.com/bid/1765 http://archives.neohapsis.com/archives/bugtraq/2000-10/0091.html
SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable. Date published : 2001-01-22 http://www.securityfocus.com/bid/1733 http://marc.info/?l=bugtraq&m=97050627707128&w=2
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information. Date published : 2001-01-22 http://www.securityfocus.com/bid/1734 http://marc.info/?l=bugtraq&m=97050819812055&w=2
Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter. Date published : 2001-01-22 http://www.securityfocus.com/bid/1772 http://archives.neohapsis.com/archives/bugtraq/2000-10/0141.html
authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter. Date published : 2001-01-22 http://www.securityfocus.com/bid/1784 http://archives.neohapsis.com/archives/bugtraq/2000-10/0107.html
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter. Date published...
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. Date published : 2001-01-22 http://www.securityfocus.com/bid/1777 http://archives.neohapsis.com/archives/bugtraq/2000-10/0115.html
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead...
Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2001-01-22 http://www.securityfocus.com/bid/1773 http://archives.neohapsis.com/archives/bugtraq/2000-10/0117.html
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. Date published : 2001-01-22 http://www.securityfocus.com/bid/1712 http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name. Date published : 2001-01-22 http://www.securityfocus.com/bid/1803 http://archives.neohapsis.com/archives/bugtraq/2000-10/0017.html
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests. Date published : 2001-01-22 http://www.securityfocus.com/bid/1759 http://archives.neohapsis.com/archives/bugtraq/2000-10/0078.html
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. Date published : 2001-01-22 http://www.securityfocus.com/bid/1728...
MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter. Date published : 2001-01-22 http://archives.neohapsis.com/archives/bugtraq/2000-09/0146.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5285