Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webapp vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-1185
The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP prior to 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors.
Web-app.org Webapp 0.9.9.2.1
Web-app.org Webapp 0.9.9.3
Web-app.org Webapp 0.9.9.3.1
Web-app.org Webapp 0.9.9.3.2
Web-app.org Webapp 0.9.9
Web-app.org Webapp 0.9.9.4
Web-app.org Webapp 0.9.9.1
Web-app.org Webapp 0.9.9.2
5.5
CVSSv2
CVE-2007-1187
WebAPP prior to 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches.
Web-app.org Webapp 0.9.9.2
Web-app.org Webapp 0.9.9.2.1
Web-app.org Webapp 0.9.9.3
Web-app.org Webapp 0.9.9.3.1
Web-app.org Webapp 0.9.9.3.2
Web-app.org Webapp 0.9.9.4
Web-app.org Webapp 0.9.9
Web-app.org Webapp 0.9.9.1
4.3
CVSSv2
CVE-2006-1427
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter i...
Web-app.org Webapp 0.9.9.3.2
Web-app.org Webapp 0.9.9.1
Web-app.org Webapp 0.9.9.2
Web-app.org Webapp 0.9.9.2.1
Web-app.org Webapp 0.9.9.3
Web-app.org Webapp 0.9.9.3.1
2 EDB exploits
4.3
CVSSv2
CVE-2021-21400
wire-webapp is an open-source front end for Wire, a secure collaboration platform. In wire-webapp before version 2021-03-15-production.0, when being prompted to enter the app-lock passphrase, the typed passphrase will be sent into the most recently used chat when the user does no...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
4.3
CVSSv2
CVE-2022-29168
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context ...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
5
CVSSv2
CVE-2007-3416
Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) profiles, (3) IP bans, and (4) forums in (a) web-app.org WebAPP 0.8 up to and including 0.9.9.6; and (b) web-app.net WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007; allow remote malicious us...
Web App.net Webapp 0.9.9.3.4
Web App.net Webapp 2007
Web-app.org Webapp
Web App.net Webapp 0.9.9.3.3
4.3
CVSSv2
CVE-2022-24799
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receive...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
2.1
CVSSv2
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions prior to 2022-01-27-production.0 ephemeral messages and assets might ...
Wire Wire-webapp 2016-07-29-17-00
Wire Wire-webapp 2016-08-04-15-44
Wire Wire-webapp 2016-08-23-09-31
Wire Wire-webapp 2016-08-24-10-10
Wire Wire-webapp 2016-08-29-14-54
Wire Wire-webapp 2016-09-08-15-38
Wire Wire-webapp 2016-09-19-14-01
Wire Wire-webapp 2016-09-28-14-58
Wire Wire-webapp 2016-10-11-15-34
Wire Wire-webapp 2016-10-18-08-10
Wire Wire-webapp 2016-10-25-08-17
Wire Wire-webapp 2016-10-26-18-58
Wire Wire-webapp 2016-11-03-16-09
Wire Wire-webapp 2016-11-08-15-06
Wire Wire-webapp 2016-12-01-12-57
Wire Wire-webapp 2016-12-13-15-12
Wire Wire-webapp 2017-01-23-12-12
Wire Wire-webapp 2017-02-01-14-49
Wire Wire-webapp 2017-02-17-10-10
Wire Wire-webapp 2017-02-24-13-06
Wire Wire-webapp 2017-03-08-17-32
Wire Wire-webapp 2017-03-14-15-05
6.8
CVSSv2
CVE-2007-1489
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote malicious users to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vul...
Web-app.org Webapp 0.9.9.6
Web-app.org Webapp 0.9.9.4
Web-app.org Webapp 0.9.9.5
7.5
CVSSv2
CVE-2005-1628
apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote malicious users to execute arbitrary commands via shell metacharacters in the f parameter.
Web-app.org Webapp 0.9.9.2.1
Web-app.org Webapp 0.9.9.2
Web-app.org Webapp 0.9.9
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »