cuctema

7 exploits Active since Jun 2001
CVE-2001-0212 EXPLOITDB text WORKING POC
HIS Auktion - Path Traversal
Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters.
CVE-2001-0211 EXPLOITDB text WORKING POC
Silverplatter Webspirs - Path Traversal
Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter.
CVE-2001-0216 EXPLOITDB text WORKING POC
PALS Library System - Command Injection
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.
CVE-2001-0224 EXPLOITDB text WORKING POC
Muscat Empower - Info Disclosure
Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.
CVE-2001-0214 EXPLOITDB text WRITEUP
Way-board - Info Disclosure
Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.
CVE-2001-0217 EXPLOITDB text WRITEUP
Mnscu Pals Webpals - Path Traversal
Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.
CVE-2001-0215 EXPLOITDB text WORKING POC
ROADS search.pl - Info Disclosure
ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte.