CVE-2000-0924

Armada Master Index - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0924. PoCs published by pestilence.

AI-analyzed exploit summary The exploit describes a path traversal vulnerability in Master Index search engine, allowing remote users to access files outside the web root directory. The example demonstrates directory traversal via the 'catigory' parameter.

Description

Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by pestilence · textremotecgi

https://www.exploit-db.com/exploits/20277

View Code ZIP pw:eip

The exploit describes a path traversal vulnerability in Master Index search engine, allowing remote users to access files outside the web root directory. The example demonstrates directory traversal via the 'catigory' parameter.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Master Index search engine (versions unspecified)

No auth needed

Prerequisites: Access to the vulnerable CGI endpoint

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/461

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/5355

Exploit, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-10/0141.html

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1772

Scores

EPSS 0.0785

EPSS Percentile 93.9%

Details

Status published

Products (1)

armada_design/master_index 1.0

Published Dec 19, 2000

Tracked Since Feb 18, 2026