关于 CVE-2000-0810 的漏洞信息

1. 漏洞描述
From NVD
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
From 神龙GPT (AIGC)
拍卖 Weaver 1.0 到 1.04 未正确验证表单字段名称,这允许远程攻击者通过..(dot dot)攻击删除任意文件和目录。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference