CVE-2000-1171

Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter.

Publication date: Tue, 09 Jan 2001 11:00:00 +0000

Cyber News related to CVE-2000-1171

CVE-2007-5125 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1171. Reason: This candidate is a duplicate of CVE-2007-1171. Notes: All CVE users should reference CVE-2007-1171 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2000-1171 - Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter. ...
7 years ago

CVE-2000-0744 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2008-5416 - Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 ...
6 years ago

CVE-2008-0086 - Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. ...
6 years ago

CVE-2008-0107 - Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 ...
5 years ago

CVE-2008-0085 - SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize ...
5 years ago

CVE-2021-47460 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 ...
7 months ago Tenable.com

CVE-2024-49883 - In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use ...
2 months ago Tenable.com

CVE-2020-1171 - A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is ...
3 years ago

CVE-2020-1192 - A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique ...
3 years ago

CVE-2008-1171 - ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) ...
6 years ago

CVE-2010-1171 - Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and ...
2 years ago

CVE-2001-1171 - Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. ...
16 years ago

CVE-2013-1171 - Multiple cross-site scripting (XSS) vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs ...
11 years ago

CVE-2012-1171 - The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. ...
10 years ago

CVE-2015-1171 - Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file. ...
9 years ago

CVE-2016-1171 - Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
8 years ago

CVE-2003-1171 - Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. ...
7 years ago

CVE-2004-1171 - KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with ...
7 years ago

CVE-2005-1171 - Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. ...
7 years ago

CVE-2007-1171 - SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie. ...
6 years ago

CVE-2019-1171 - An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage, aka 'SymCrypt Information Disclosure Vulnerability'. ...
5 years ago

CVE-2017-1171 - The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 2001083. ...
5 years ago

CVE-2018-1171 - This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...
4 years ago

Latest Cyber News

CVE-2024-12895 - 9 hours ago
CVE-2024-12894 - 11 hours ago
CVE-2024-12893 - 15 hours ago
CVE-2024-12892 - 15 hours ago
CVE-2024-12891 - 16 hours ago
CVE-2024-12890 - 17 hours ago
CVE-2024-11852 - 21 hours ago
CVE-2024-12884 - 1 day ago
CVE-2024-51463 - 1 day ago
CVE-2024-51464 - 1 day ago
CVE-2024-12883 - 1 day ago
CVE-2024-12875 - 1 day ago
CVE-2024-12591 - 1 day ago
CVE-2024-12408 - 1 day ago
CVE-2024-12558 - 1 day ago
CVE-2024-11722 - 1 day ago
CVE-2024-11688 - 1 day ago
CVE-2024-10453 - 1 day ago
CVE-2024-11808 - 1 day ago
CVE-2024-12588 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-11852 - 21 hours ago
CVE-2024-12890 - 17 hours ago
CVE-2024-12891 - 16 hours ago
CVE-2024-12892 - 15 hours ago
CVE-2024-12893 - 15 hours ago
CVE-2024-12894 - 11 hours ago
CVE-2024-12895 - 9 hours ago
CVE-2024-12841 - 2 days ago
CVE-2024-37758 - 2 days ago
CVE-2024-55342 - 2 days ago
CVE-2024-12842 - 2 days ago
CVE-2024-12867 - 2 days ago
CVE-2024-55341 - 2 days ago
CVE-2024-56329 - 2 days ago
CVE-2024-56330 - 2 days ago
CVE-2024-56331 - 2 days ago
CVE-2024-56333 - 2 days ago
CVE-2024-12843 - 2 days ago
CVE-2024-12844 - 2 days ago
CVE-2024-40875 - 2 days ago