8 matches found
EUVD-2018-18319
Malware in sbrugna...
Multiple Vulnerabilities in West Wind Web Server
West Wind Web Server is a web application server software. A security vulnerability exists in version 6.x of West Wind Web Server that originates from the program failing to perform authentication of users accessing the /ADMIN.ASP web page. An attacker could exploit this vulnerability to execute...
CVE-2018-6569
West Wind Web Server 6.x does not require authentication for /ADMIN.ASP...
Authentication flaw
West Wind Web Server 6.x does not require authentication for /ADMIN.ASP...
CVE-2018-6569
West Wind Web Server 6.x is affected: the /ADMIN.ASP page can be accessed without authentication, allowing an attacker to perform actions with potential program execution, termination, data disclosure, or DoS as described in linked CVE records. This is supported by multiple sources (CVE-2018-6569...
Design/Logic Flaw
Conarc iChannel allows remote attackers to obtain sensitive information, modify the configuration, or cause a denial of service by deleting the configuration via a wc.dll?wwMaintEditConfig request which reaches an older version of a West Wind Web Connection HTTP service...
West Wind Web Connection Unprotected Configuration Editor Application
The remote host is running a web application that utilizes the West Wind Web Connection framework. Nessus was able to access the West Wind Web Connection framework configuration file editor without providing credentials. The configuration file editor allows remote configuration of the application...
wconnect-xss.txt
HSC WCONNECT WC.DLL Cross-Site Scripting Vulnerability West Wind Web Connection is a tool for building Web applications using the Visual FoxPro environment but is also Vulnerable to Cross-Site scripting attacks. Admins need to password protect the application since its installed with out password...