CVE-2000-1118

  • Last update: Apr 13, 2023

Description

24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.

Software From Fixed in
24link / 24link 1.06 1.06.x

Details

    • Severity: High
  • CVE: CVE-2000-1118
  • Published: Jan 9, 2001
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P