cgi_script_center 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2001-0086 | CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter. | [email protected] | 5.0 | 0.74% | 2001-02-12 | 2026-04-16 |
| CVE-2000-0811 | Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | [email protected] | 5.0 | 0.73% | 2000-12-19 | 2026-04-16 |
| CVE-2000-0810 | Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | [email protected] | 7.5 | 0.63% | 2000-12-19 | 2026-04-16 |
| CVE-2000-0690 | Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter. | [email protected] | 10.0 | 5.42% | 2000-10-20 | 2026-04-16 |
| CVE-2000-0689 | Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter. | [email protected] | 7.5 | 8.45% | 2000-10-20 | 2026-04-16 |
| CVE-2000-0688 | Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter. | [email protected] | 7.5 | 6.78% | 2000-10-20 | 2026-04-16 |
| CVE-2000-0687 | Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter. | [email protected] | 10.0 | 1.00% | 2000-10-20 | 2026-04-16 |
| CVE-2000-0686 | Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter. | [email protected] | 5.0 | 0.72% | 2000-10-20 | 2026-04-16 |