Web-app.net : Security Vulnerabilities, CVEs, CVSS score >= 5
The Menu Manager Mod for (1) web-app.net WebAPP (aka WebAPP NE) 0.9.9.3.3 through 0.9.9.8, and (2) web-app.org WebAPP before 0.9.9.6, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the titles of items in a personal menu.
Max CVSS
7.5
EPSS Score
1.77%
Published
2007-06-15
Updated
2018-10-16
Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, described as "[having] other [security] issues too, not as bad as letting users take over your admin account, but bad too."
Max CVSS
7.5
EPSS Score
0.26%
Published
2007-04-03
Updated
2008-11-13
The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info{'forum'} variable.
Max CVSS
5.0
EPSS Score
0.19%
Published
2007-04-03
Updated
2008-09-05
cgi-lib/subs.pl in web-app.net WebAPP before 0.9.9.3.5 allows attackers to open list files in "profile and other functions," a different vulnerability than CVE-2005-0927.
Max CVSS
5.0
EPSS Score
0.15%
Published
2007-04-03
Updated
2008-09-05
Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET) allows remote attackers to bypass filtering mechanisms via unknown vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
7.5
EPSS Score
0.51%
Published
2006-12-21
Updated
2008-09-05
5 vulnerabilities found