CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2007-1184
https://notcve.org/view.php?id=CVE-2007-1184
The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data. La configuración por defecto de WebAPP anterio a 0.9.9.5 tiene una configuración CAPTCHA de "no," lo cual face facil para programas automáticos enviar datos falsos. • http://osvdb.org/33294 http://secunia.com/advisories/24080 http://www.securityfocus.com/bid/22563 http://www.vupen.com/english/advisories/2007/0604 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250 • CWE-16: Configuration •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 3CVE-2005-1628 – WebAPP 0.9.9.2.1 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2005-1628
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. • https://www.exploit-db.com/exploits/1005 https://www.exploit-db.com/exploits/1004 http://www.defacers.com.mx/advisories/3.txt http://www.securityfocus.com/archive/1/449517/100/200/threaded http://www.securityfocus.com/archive/1/449573/100/200/threaded http://www.securityfocus.com/bid/13637 http://www.soulblack.com.ar/repo/tools/sbwebapp.txt http://www.vupen.com/english/advisories/2005/0554 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0927
https://notcve.org/view.php?id=CVE-2005-0927
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. • http://secunia.com/advisories/14716 http://sourceforge.net/project/shownotes.php?release_id=316038 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=195 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3CVE-2004-1742 – Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal
https://notcve.org/view.php?id=CVE-2004-1742
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. • https://www.exploit-db.com/exploits/24408 http://cornerstone.web-app.org/cgi-bin/index.cgi?action=downloadinfo&cat=updates&id=1 http://marc.info/?l=bugtraq&m=109336268002879&w=2 http://secunia.com/advisories/12373 http://www.securityfocus.com/bid/11028 https://exchange.xforce.ibmcloud.com/vulnerabilities/17100 •