Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webapp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3417
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/cgi-lib/search.pl in web-app.org WebAPP prior to 0.9.9.7 allow remote malicious users to inject arbitrary web script or HTML via a search string, which is not sanitized when an HREF attribute is printed by the (1) pro...
Web-app.org Webapp
NA
CVE-2007-3418
The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-app.org WebAPP prior to 0.9.9.7 does not display usernames in conjunction with real names, which makes it easier for remote authenticated users to impersonate other users.
Web-app.org Webapp
NA
CVE-2007-3419
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP prior to 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of me...
Web-app.org Webapp
NA
CVE-2007-3420
The Random Cookie Password functionality in the loaduser function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP prior to 0.9.9.7 does not clear the (1) username, (2) password, (3) usertheme, and (4) userlang cookies for unauthorized users, which has unknown impact and remote a...
Web-app.org Webapp
NA
CVE-2007-3422
The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP prior to 0.9.9.7 attempts to parse query strings that contain (1) non-printing characters, (2) certain printing characters that do not commonly occur in URLs, or (3) invalid URL encoding sequences, which has unk...
Web-app.org Webapp
NA
CVE-2007-1831
web-app.org WebAPP prior to 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING.
Web-app.org Webapp
6.1
CVSSv3
CVE-2021-32683
wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open an image in a new tab (right click -> open in new tab, or copy the URL and pas...
Wire Wire-webapp
NA
CVE-2004-1742
Directory traversal vulnerability in WebAPP 0.9.9 allows remote malicious users to view arbitrary files via a .. (dot dot) in the viewcat parameter.
Web-app.org Webapp 0.9.9
1 EDB exploit
NA
CVE-2006-7188
The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP prior to 20060909 allows remote malicious users to read internal forum posts via certain requests, possibly related to the $info{'forum'} variable.
Web-app.net Webapp 0.9.9.6
NA
CVE-2006-7189
Cross-site scripting (XSS) vulnerability in cgi-bin/admin/logs.cgi in web-app.net WebAPP prior to 20060403 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the Statistics Log Viewer.
Web-app.net Webapp 0.9.9.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »