CVE-2008-1166

Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames...

Code injection

Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames...

CVE-2008-1166

CVE-2008-1166 relates to Flyspray 0.9.9.4, where authentication errors reveal whether a username is valid or invalid. The description in the CVE entry and corroborating records state that this behavior enables remote attackers to enumerate usernames. The connected documents corroborate Flyspray a...

CVE-2006-6687

CVE-2006-6687 describes a cross-site scripting (XSS) vulnerability in Web Automated Perl Portal (WebAPP) versions 0.9.9.4 and 0.9.9.3.4 Network Edition (WebAPP.NET). The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The NVD entry notes a net...

CVE-2006-6688

Web Automated Perl Portal (WebAPP) versions 0.9.9.4 and 0.9.9.3.4 Network Edition (WebAPP.NET) are identified as vulnerable to bypassing filtering mechanisms by remote attackers via unknown vectors. The CVSS data indicates NETWORK attack vector, low complexity, no authentication required, with pa...