本頁列出影響 cgi_script_center auction_weaver 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2000-0811 | Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | [email protected] | 5.0 | 1.56% | 2000-12-19 | 2026-06-16 |
| CVE-2000-0810 | Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | [email protected] | 7.5 | 1.61% | 2000-12-19 | 2026-06-16 |
| CVE-2000-0690 | Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter. | [email protected] | 10.0 | 10.51% | 2000-10-20 | 2026-06-16 |
| CVE-2000-0687 | Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter. | [email protected] | 10.0 | 2.51% | 2000-10-20 | 2026-06-16 |
| CVE-2000-0686 | Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter. | [email protected] | 5.0 | 1.45% | 2000-10-20 | 2026-06-16 |