CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2013-1410 – Perforce P4Web - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-1410
Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities Perforce P4web versiones 2011.1 y 2012.1, presenta múltiples vulnerabilidades de tipo XSS. • https://www.exploit-db.com/exploits/38235 https://www.exploit-database.net/?id=59355 https://www.securityfocus.com/bid/57514/info • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 0CVE-2007-6349
https://notcve.org/view.php?id=CVE-2007-6349
P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with an empty body and a Content-Length greater than 0. P4Webs.exe de Perforce P4Web 2006.2 y anteriores, cuando se ejecuta sobre Windows, permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante una petición HTTP con un cuerpo vacío y un valor Content-Length mayor que 0. • http://secunia.com/advisories/28158 http://securityreason.com/securityalert/3476 http://www.osvdb.org/39297 http://www.securityfocus.com/archive/1/485321/100/0/threaded http://www.securityfocus.com/bid/26806 http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-015.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/39142 • CWE-399: Resource Management Errors •