NotCVE - vendor:"Zarafa" product:"Webapp" version:" <= 1.5"

Page 9 of 45 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2006-6687

https://notcve.org/view.php?id=CVE-2006-6687

Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Automated Perl Portal (WebAPP) 0.9.9.4, y 0.9.9.3.4 Network Edition (NE) (también conocido como WebAPP.NET), permite a atacantes remotos inyectar scripts web o HTML de su elección mediante vectores no especificados. NOTA: El origen de esta información es desconocido; los detalles se han obtenido solamente de información de terceros. • http://www.securityfocus.com/bid/21684 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 2

CVE-2006-1427 – Web-APP.net WebAPP 0.9.x - '/mods/calendar/index.cgi?vsSD' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2006-1427

Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter in cgi-bin/index.cgi, or (10) vsSD parameter in /mods/calendar/index.cgi. • https://www.exploit-db.com/exploits/27562 https://www.exploit-db.com/exploits/27561 http://pridels0.blogspot.com/2006/03/webapp-multiple-xss-vuln.html http://secunia.com/advisories/19506 http://www.osvdb.org/24278 http://www.osvdb.org/24279 http://www.securityfocus.com/bid/17359 http://www.vupen.com/english/advisories/2006/1102 http://www.web-app.net/cgi-bin/index.cgi?action=downloadinfo&cat=pastversions&id=1 http://www.web-app.net/cgi-bin/index.cgi?action=re •

CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 3

CVE-2005-1628 – WebAPP 0.9.9.2.1 - Remote Command Execution

https://notcve.org/view.php?id=CVE-2005-1628

apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. • https://www.exploit-db.com/exploits/1005 https://www.exploit-db.com/exploits/1004 http://www.defacers.com.mx/advisories/3.txt http://www.securityfocus.com/archive/1/449517/100/200/threaded http://www.securityfocus.com/archive/1/449573/100/200/threaded http://www.securityfocus.com/bid/13637 http://www.soulblack.com.ar/repo/tools/sbwebapp.txt http://www.vupen.com/english/advisories/2005/0554 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2005-0927

https://notcve.org/view.php?id=CVE-2005-0927

Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. • http://secunia.com/advisories/14716 http://sourceforge.net/project/shownotes.php?release_id=316038 http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=195 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 3

CVE-2004-1742 – Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal

https://notcve.org/view.php?id=CVE-2004-1742

Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. • https://www.exploit-db.com/exploits/24408 http://cornerstone.web-app.org/cgi-bin/index.cgi?action=downloadinfo&cat=updates&id=1 http://marc.info/?l=bugtraq&m=109336268002879&w=2 http://secunia.com/advisories/12373 http://www.securityfocus.com/bid/11028 https://exchange.xforce.ibmcloud.com/vulnerabilities/17100 •

1...7 8 9