← CVECheck
HomeVulnerabilities

CVE-2000-0810 — HIGH severity vulnerability (Auction Weaver 1.0 through 1.04 does not properly validate t)

Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.

CVE IDCVE-2000-0810
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2000-12-19
Last modified2026-04-16
DescriptionAuction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →