CVE-2000-0187
CVSS 2.0 Score 7.5 of 10 (high)
Details
Published Feb 27, 2000
Updated: Nov 20, 2024
Summary
CVE-2000-0187 is a vulnerability affecting the EZShopper 3.0 loadpage.cgi CGI script. An attacker can manipulate file requests to read arbitrary files by using ".." (dot dot) in the request. Furthermore, the vulnerability allows attackers to execute commands through shell metacharacters, posing a significant security risk. This issue can lead to data leakage and potentially dangerous code execution. The vulnerability should be addressed immediately by applying the available patches or upgrading the affected software.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share