Roundup@0.5.6 Security Vulnerabilities and Issues — Roundup@0.5.6 CVE List

Lucene search

Roundup-trackerRoundup0.5.6

4 matches found

CVE•added 2008/03/24 10:44 p.m.•60 views

CVE-2008-1474

Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS).

4.3CVSS5.9AI score0.01035EPSS

CVE•added 2010/09/24 7:0 p.m.•47 views

CVE-2010-2491

Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.

4.3CVSS5.5AI score0.0061EPSS

CVE•added 2008/03/24 10:44 p.m.•42 views

CVE-2008-1475

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.

6.4CVSS6.1AI score0.0047EPSS

CVE•added 2005/02/13 5:0 a.m.•34 views

CVE-2004-1444

Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request.

5CVSS6.8AI score0.16535EPSS