Lucene search

K

Webapp Security Vulnerabilities

cve
cve

CVE-2007-1176

Multiple cross-site scripting (XSS) vulnerabilities in WebAPP before 0.9.9.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) Gallery Comments pages, (2) Feedback pages, (3) Search Results pages, and (4) the Statistics Log...

5.8AI Score

0.008EPSS

2007-03-02 09:18 PM
29
cve
cve

CVE-2007-1180

WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown...

6.9AI Score

0.003EPSS

2007-03-02 09:18 PM
24
cve
cve

CVE-2007-1184

The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false...

6.5AI Score

0.004EPSS

2007-03-02 09:18 PM
26
cve
cve

CVE-2007-1179

WebAPP before 0.9.9.5 does not properly manage e-mail addresses in certain contexts related to (1) the Recommend feature, Email Article (2) senders and (3) recipients, (4) New User Approval, (5) Edit Profiles, (6) the Newsletter Subscription form, (7) the Recommend form, and (8) sending of...

6.6AI Score

0.004EPSS

2007-03-02 09:18 PM
23
cve
cve

CVE-2007-1183

WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack...

6.2AI Score

0.016EPSS

2007-03-02 09:18 PM
19
cve
cve

CVE-2006-6688

Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET) allows remote attackers to bypass filtering mechanisms via unknown vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party...

6.9AI Score

0.005EPSS

2006-12-21 09:28 PM
21
cve
cve

CVE-2006-1427

Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter in cgi-bin/index.cgi, or (10) vsSD.....

5.8AI Score

0.008EPSS

2006-03-28 08:02 PM
19
cve
cve

CVE-2005-1707

The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary...

6.2AI Score

0.0004EPSS

2005-05-24 04:00 AM
19
cve
cve

CVE-2005-1628

apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f...

7.8AI Score

0.047EPSS

2005-05-17 04:00 AM
24
cve
cve

CVE-2005-0927

Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .....

6.7AI Score

0.003EPSS

2005-05-02 04:00 AM
21
cve
cve

CVE-2004-1742

Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat...

6.7AI Score

0.019EPSS

2005-02-26 05:00 AM
26
Total number of security vulnerabilities61