Unrated severityNVD Advisory· Published Oct 20, 2000· Updated Apr 16, 2026
CVE-2000-0686
CVE-2000-0686
Description
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
Affected products
1- cpe:2.3:a:cgi_script_center:auction_weaver:*:*:*:*:*:*:*:*Range: <=1.02
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- archives.neohapsis.com/archives/bugtraq/2000-08/0310.htmlnvdExploitVendor Advisory
- www.securityfocus.com/bid/1630nvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.