Security Vulnerabilities, CVEs, Published In April 2000 CVSS score >= 9
CVE-2000-0248
Public exploit
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
1.33%
Published
2000-04-24
Updated
2008-09-10
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.
Max CVSS
10.0
EPSS Score
0.67%
Published
2000-04-11
Updated
2018-05-03
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.
Max CVSS
10.0
EPSS Score
1.45%
Published
2000-04-12
Updated
2008-09-10
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command.
Max CVSS
10.0
EPSS Score
3.59%
Published
2000-04-21
Updated
2018-10-19
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
Max CVSS
10.0
EPSS Score
0.83%
Published
2000-04-06
Updated
2008-09-10
CVE-2000-0322
Public exploit
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
Max CVSS
10.0
EPSS Score
23.67%
Published
2000-04-24
Updated
2016-09-17
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.
Max CVSS
9.8
EPSS Score
0.64%
Published
2000-04-14
Updated
2024-02-08
7 vulnerabilities found