EUVD-2007-5459

Malware in sbrugna...

Directory traversal

Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. dot dot in the IsisScript parameter to iah...

CVE-2007-5484

The CVE-2007-5484 entry documents a directory traversal vulnerability in WWWISIS 7.1, specifically in wxis.exe, where an attacker can cause local file disclosure by supplying a .. (dot dot) in the IsisScript parameter to iah. The vulnerability affects WWWISIS 7.1; the exact vulnerable component i...

CVE-2007-5484

Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. dot dot in the IsisScript parameter to iah...

Cross site scripting

Cross-site scripting XSS vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter...

CVE-2007-5455

The CVE-2007-5455 entry describes a Cross-site Scripting (XSS) vulnerability in the wxis.exe component of WWWISIS 7.1 and earlier . The issue allows remote attackers to inject arbitrary script or HTML via the IsisScript code path (iah/iah.xis), potentially involving the lang or exprSearch paramet...