Aggregates CVE and security vulnerability intelligence across all cgi-rescue-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-5723 | Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors. | [email protected] | 5.0 | 0.11% | 2008-12-26 | 2026-04-23 |
| CVE-2007-4655 | Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. | [email protected] | 5.0 | 0.30% | 2007-09-04 | 2026-04-23 |
| CVE-2007-0565 | CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors. | [email protected] | 7.5 | 0.71% | 2007-01-30 | 2026-04-23 |
| CVE-2007-0547 | Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 4.3 | 0.25% | 2007-01-29 | 2026-04-23 |
| CVE-2006-4344 | CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi. | [email protected] | 5.0 | 0.55% | 2006-08-24 | 2026-04-16 |
| CVE-2006-2944 | Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information. | [email protected] | 5.0 | 0.57% | 2006-06-12 | 2026-04-16 |
| CVE-2006-2943 | Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information. | [email protected] | 7.5 | 1.36% | 2006-06-12 | 2026-04-16 |