CVE-2000-0187

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Feb 27, 2000
Updated: Nov 20, 2024

Summary

CVE-2000-0187 is a vulnerability affecting the EZShopper 3.0 loadpage.cgi CGI script. An attacker can manipulate file requests to read arbitrary files by using ".." (dot dot) in the request. Furthermore, the vulnerability allows attackers to execute commands through shell metacharacters, posing a significant security risk. This issue can lead to data leakage and potentially dangerous code execution. The vulnerability should be addressed immediately by applying the available patches or upgrading the affected software.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share