8 matches found
CVE-2017-2179
CVE-2017-2179 (and related CVEs 2017-2181/2182) concern the Hands-on Vulnerability Learning Tool “AppGoat” for Web Application, version 3.0.2 and earlier. Affected component/technology is the AppGoat web application; root cause details are not fully disclosed in the provided documents, but the en...
CVE-2017-2101
CVE-2017-2101 affects the Hands-on Vulnerability Learning Tool “AppGoat” for Web Application (V3.0.0 and earlier). The vulnerability is an authentication bypass that allows a remote, unauthenticated attacker to perform arbitrary operations. Impact details indicate arbitrary operations can be exec...
CVE-2017-2099
The CVE-2017-2099 entry concerns the Hands-on Vulnerability Learning Tool “AppGoat” for Web Application (V3.0.0 and earlier). The connected JVN entries and NVD description indicate a remote code execution vulnerability, but the vectors are not specified in the documents provided. Affected product...
CVE-2017-2181
CVE-2017-2181 affects the Hands-on Vulnerability Learning Tool “AppGoat” Web Application, versions 3.0.2 and earlier. The provided documents state a vulnerability that allows remote attackers to obtain local files via unspecified vectors. The root cause, exact exploit path, affected components, a...
CVE-2017-2102
CVE-2017-2102 describes a cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool “AppGoat” for Web Application, version 3.0.0 and earlier. The issue can allow remote attackers to hijack the authentication of administrators through unspecified vectors. Connected so...
CVE-2017-2100
The CVE-2017-2100 entry applies to the Hands-on Vulnerability Learning Tool “AppGoat” for Web Application, specifically versions up to V3.0.1. The vulnerability is a DNS rebinding issue that can allow arbitrary code execution when a user visits a malicious page, as described by JVN/Japanese advis...
CVE-2017-2182
CVE-2017-2182 affects the Hands-on Vulnerability Learning Tool “AppGoat” Web Application (V3.0.2 and earlier). The issue allows remote attackers to obtain local files via unspecified vectors; the core details, affected component (AppGoat Web app), and impact are stated in public records, with no ...
CVE-2017-2180
CVE-2017-2180 affects AppGoat, a Hands-on Vulnerability Learning Tool for Web Application (versions 3.0.2 and earlier). The vulnerability is an information disclosure flaw where, by visiting a specially crafted URL, an attacker can obtain a local file specified by the attacker. The issue is confi...