Page 8 of 38 results (0.001 seconds)

CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 3

apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. • https://www.exploit-db.com/exploits/1005 https://www.exploit-db.com/exploits/1004 http://www.defacers.com.mx/advisories/3.txt http://www.securityfocus.com/archive/1/449517/100/200/threaded http://www.securityfocus.com/archive/1/449573/100/200/threaded http://www.securityfocus.com/bid/13637 http://www.soulblack.com.ar/repo/tools/sbwebapp.txt http://www.vupen.com/english/advisories/2005/0554 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. • http://secunia.com/advisories/14716 http://sourceforge.net/project/shownotes.php?release_id=316038 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=195 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3

Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. • https://www.exploit-db.com/exploits/24408 http://cornerstone.web-app.org/cgi-bin/index.cgi?action=downloadinfo&cat=updates&id=1 http://marc.info/?l=bugtraq&m=109336268002879&w=2 http://secunia.com/advisories/12373 http://www.securityfocus.com/bid/11028 https://exchange.xforce.ibmcloud.com/vulnerabilities/17100 •