CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0334
https://notcve.org/view.php?id=CVE-2000-0334
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. • http://www.allaire.com/handlers/index.cfm?ID=15411&Method=Full http://www.securityfocus.com/bid/1181 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0050
https://notcve.org/view.php?id=CVE-2000-0050
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. • http://www.allaire.com/handlers/index.cfm?ID=13976&Method=Full http://www.securityfocus.com/bid/915 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0051
https://notcve.org/view.php?id=CVE-2000-0051
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. • http://www.allaire.com/handlers/index.cfm?ID=13977&Method=Full http://www.securityfocus.com/bid/916 •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 0CVE-2000-0120
https://notcve.org/view.php?id=CVE-2000-0120
The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. • http://www.securityfocus.com/bid/955 https://exchange.xforce.ibmcloud.com/vulnerabilities/4025 •