eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
Max CVSS
7.5
EPSS Score
0.66%
Published
2005-07-11
Updated
2016-10-18
eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
Max CVSS
7.5
EPSS Score
0.39%
Published
2005-07-11
Updated
2016-10-18
2 vulnerabilities found