Show filters
36 Total Results
Displaying 31-36 of 36
Sort by:
Attacker Value
Unknown
CVE-2007-1182
Disclosure Date: March 02, 2007 (last updated October 04, 2023)
WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact.
0
Attacker Value
Unknown
CVE-2007-1180
Disclosure Date: March 02, 2007 (last updated October 04, 2023)
WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact.
0
Attacker Value
Unknown
CVE-2006-1427
Disclosure Date: March 28, 2006 (last updated February 22, 2025)
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter in cgi-bin/index.cgi, or (10) vsSD parameter in /mods/calendar/index.cgi.
0
Attacker Value
Unknown
CVE-2005-1628
Disclosure Date: May 17, 2005 (last updated February 22, 2025)
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
0
Attacker Value
Unknown
CVE-2005-0927
Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences.
0
Attacker Value
Unknown
CVE-2004-1742
Disclosure Date: August 24, 2004 (last updated February 22, 2025)
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter.
0
