- EPSS 0.49%
- Veröffentlicht 02.03.2007 21:18:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors.
- EPSS 0.49%
- Veröffentlicht 02.03.2007 21:18:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, which has unknown impact.
CVE-2006-1427
- EPSS 0.84%
- Veröffentlicht 28.03.2006 20:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatna...
CVE-2005-1628
- EPSS 16.9%
- Veröffentlicht 17.05.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
- EPSS 0.54%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences.
- EPSS 4.82%
- Veröffentlicht 24.08.2004 04:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter.