CVE-2000-0690

Auction Weaver <1.02 - RCE

Title source: llm
STIX 2.1

Description

Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by teleh0r · perlremotecgi
https://www.exploit-db.com/exploits/20194

References (2)

Scores

EPSS 0.0542
EPSS Percentile 90.2%

Details

Status published
Products (2)
cgi_script_center/auction_weaver 1.0
cgi_script_center/auction_weaver 1.02
Published Oct 20, 2000
Tracked Since Feb 18, 2026