CVE-2000-0853
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2000-0853
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
YABB远程文件泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
YaBB.pl是一个基于Web的公告牌脚本程序。 YaBB.pl它将公告牌中的文章存放在编号的文本文件中。编号的文件名是在调用YaBB.pl时通过变量num=<file>来指定的。在检索该文件之前,YaBB在<file>后面添加一个后缀.txt。 由于YaBB中的输入合法性检查错误,在<file>中可以指定相对路径。这包括../类型的路径。此外,<file>可以不是数字格式,而且.txt后缀可以通过在<file>后面添加%00来避免。通过在单个请求中使用上述的这些漏洞,恶意用户可以察看Web服务器可以存取
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2000-0853
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2000-0853
请登录查看更多情报信息。
Same Patch Batch · n/a · 2001-01-22 · 232 CVEs total
| CVE-2000-1024 | eWave ServletExec权限许可漏洞 | |
| CVE-2000-1001 | Element InstantShop add_2_basket.asp漏洞 | |
| CVE-2000-1002 | Stalker CommuniGate Pro漏洞 | |
| CVE-2000-1003 | Windows 95和Windows 98 NETBIOS客户端拒绝服务漏洞 | |
| CVE-2000-1004 | OpenBSD photurisd格式字符串漏洞 | |
| CVE-2000-1005 | Extropia WebStore远程目录遍历文件泄露漏洞 | |
| CVE-2000-1006 | Microsoft Exchange Server 安全漏洞 | |
| CVE-2000-1007 | I-gear漏洞 | |
| CVE-2000-1010 | OpenBSD talkd格式化字符串漏洞 | |
| CVE-2000-1011 | FreeBSD catopen()函数缓冲区溢出漏洞 | |
| CVE-2000-1014 | Unixware SCO help http server search97.cgi CGI命令执行漏洞 | |
| CVE-2000-1016 | SuSE漏洞 | |
| CVE-2000-1018 | shred漏洞 | |
| CVE-2000-1019 | Ultraseek搜索引擎漏洞 | |
| CVE-2000-1022 | Cisco Secure PIX Firewall漏洞 | |
| CVE-2000-1043 | Mandrake Linux格式化字符串漏洞 | |
| CVE-2000-1040 | ypbind对数函数格式化字符串漏洞 | |
| CVE-2000-1041 | ypbind缓冲区溢出漏洞 | |
| CVE-2000-1042 | Mandrake Linux ypserv缓冲区溢出漏洞 | |
| CVE-2000-1038 | IBM AS/400 Firewall web管理界面漏洞 |
Showing top 20 of 232 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2000-0853
No comments yet