Vulnerability Database

296,663

Total vulnerabilities in the database

CVE-1999-1180

O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.

Published: Feb 16, 1999
Updated: Apr 13, 2023
CVE: CVE-1999-1180
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oreilly / website_pro	2.0	2.0.x
oreilly / website_pro	2.1	2.1.x
oreilly / website	1.1e	1.1e.x
oreilly / website_pro	-	2.4.x

http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html
http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo