Wwwisis : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah.
Max CVSS
5.0
EPSS Score
0.20%
Published
2007-10-16
Updated
2018-10-15
Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter.
Max CVSS
4.3
EPSS Score
0.39%
Published
2007-10-14
Updated
2018-10-15
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog.
Max CVSS
10.0
EPSS Score
0.94%
Published
2002-08-12
Updated
2008-09-05
3 vulnerabilities found