CVE-2001-0212

Name of the Vulnerable Software and Affected Versions: HIS Auktion version 1.62

Description: A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in the menue parameter. It is also possible for attackers to execute commands via shell metacharacters.

Recommendations: For HIS Auktion version 1.62, consider restricting access to the menue parameter to prevent directory traversal attacks, and avoid using shell metacharacters in input to minimize the risk of command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.