Vulnerability Database

Published: Oct 20, 2000
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2000-0686" target="_blank" rel="noopener"> CVE-2000-0686
Severity: Medium
Exploit:

299,749

Total vulnerabilities in the database

Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
cgi_script_center / auction_weaver	-	1.02.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.