Lucene search
K

30 matches found

Cvelist
Cvelist
added 2007/04/25 8:0 p.m.29 views

CVE-2007-2266

Progress Webspeed Messenger allows remote attackers to read, create, modify, and execute arbitrary files by invoking webutil/cpyfile.p in the WService parameter to 1 cgiip.exe or 2 wsisa.dll in scripts/, as demonstrated by using the save,editor options to create a new file using the fileName...

7.3AI score0.02404EPSS
Exploits1References5
CVE
CVE
added 2007/04/25 8:0 p.m.66 views

CVE-2007-2266

Progress Webspeed Messenger is affected by a vulnerability where an attacker can remotely read, create, modify, and execute arbitrary files by invoking webutil/_cpyfile.p in the WService parameter to (1) cgiip.exe or (2) wsisa.dll in scripts/, as demonstrated through the save, editor options usin...

10CVSS7.3AI score0.02404EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2007/04/25 12:0 a.m.28 views

webspeed-exec.txt

Because of a flaw in cpyfile.p which is a default installed file it is possible to gain full control of a machine running Progress Webspeed Messenger. You can access, change and edit allmost any file on the server running the Webspeed Messenger even when the workshop is disabled. First you have t...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/04/25 12:0 a.m.248 views

Progress Webspeed exploit for all releases

Because of a flaw in cpyfile.p which is a default installed file it is possible to gain full control of a machine running Progress Webspeed Messenger. You can access, change and edit allmost any file on the server running the Webspeed Messenger even when the workshop is disabled. First you have t...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2007/04/24 12:0 a.m.21 views

Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access

Progress 3.1 - Webspeed CPYFile.P Unauthorized Access source: https://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/04/24 12:0 a.m.54 views

Progress 3.1 - Webspeed _CPYFile.P Unauthorized Access

source: https://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute malicious WebSpeed code on the host running the webserve...

7AI score
Exploits0
CVE
CVE
added 2000/10/13 4:0 a.m.64 views

CVE-2000-0127

CVE-2000-0127 affects Webspeed: the configuration program fails to disable access to the WSMadmin utility, enabling remote attackers to gain privileges via wsisa.dll. The vulnerability is triggered by unauthenticated access to the WSMadmin component, potentially allowing an attacker to take contr...

7.5CVSS7AI score0.04189EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.23 views

CVE-2000-0127

The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll...

7AI score0.04189EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2000/02/05 12:0 a.m.72 views

WebSpeed Messenger Administration Utility Unauthenticated Access

The remote web server appears to be using Webspeed, a website creation language used with database-driven websites. The version of Webspeed installed on the remote host allows anonymous access to the 'WSMadmin' utility, which is used configure Webspeed. An attacker can exploit this issue to gain...

7.5CVSS5.5AI score0.04189EPSS
Exploits0References2
NVD
NVD
added 2000/02/03 5:0 a.m.14 views

CVE-2000-0127

The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll...

7.5CVSS7AI score0.04189EPSS
Exploits0References2
Rows per page
Query Builder