CVE-2000-0282

TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.

Date published : 2000-10-13

http://www.securityfocus.com/bid/1102

http://archives.neohapsis.com/archives/bugtraq/2000-04/0050.html