CVE-2000-0282
CVSS 2.0 Score 5 of 10 (medium)
Details
Published Apr 12, 2000
Updated: Nov 20, 2024
Summary
CVE-2000-0282 is a vulnerability affecting the TalentSoft webpsvr daemon in the Web+ shopping cart application. An attacker can exploit this issue by launching a dot-dot (..) attack on the webplus CGI program, enabling them to read arbitrary files remotely. This vulnerability poses a significant risk as it may allow unauthorized access to sensitive data, potentially leading to information disclosure and other malicious activities. The Web+ shopping cart application is recommended to be updated or patched immediately to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share