Paul Smith Computer Services Vcap : Security vulnerabilities, CVEs

Copy

CVE-2006-5033

Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers or malformed URL encoding.

Max CVSS

5.0

EPSS Score

17.78%

Published

2006-09-27

Updated

2017-07-20

CVE-2006-5034

Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.

Max CVSS

5.0

EPSS Score

1.60%

Published

2006-09-27

Updated

2017-07-20

CVE-2006-5035

Multiple cross-site scripting (XSS) vulnerabilities in Paul Smith Computer Services vCAP 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the statusmsg parameter in RegisterPage.cgi or (2) a URI corresponding to a nonexistent file. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Max CVSS

4.3

EPSS Score

0.29%

Published

2006-09-27

Updated

2011-03-08

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!