Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webapp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1183
WebAPP prior to 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors.
Web-app.org Webapp
NA
CVE-2007-1174
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP prior to 20070214 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, related to unspecified fields in user Profiles. NOTE: some of these details are obtained from third party i...
Web-app.org Webapp
NA
CVE-2007-1175
Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP prior to 20070209 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Web-app.org Webapp
NA
CVE-2007-1176
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP prior to 0.9.9.5 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) Gallery Comments pages, (2) Feedback pages, (3) Search Results pages, and (4) the Statistics L...
Web-app.org Webapp
NA
CVE-2007-1178
WebAPP prior to 0.9.9.5 does not check access in certain contexts related to (1) Calendar Administration, (2) Instant Messages Administration, and (3) the Image Uploader, which has unknown impact and attack vectors.
Web-app.org Webapp
NA
CVE-2007-1180
WebAPP prior to 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact.
Web-app.org Webapp
6.1
CVSSv3
CVE-2021-32683
wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open an image in a new tab (right click -> open in new tab, or copy the URL and pas...
Wire Wire-webapp
NA
CVE-2006-7188
The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP prior to 20060909 allows remote malicious users to read internal forum posts via certain requests, possibly related to the $info{'forum'} variable.
Web-app.net Webapp 0.9.9.6
NA
CVE-2007-1830
Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote malicious users to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch",...
Web-app.org Webapp 0.9.9.6
NA
CVE-2007-1829
Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, described as "[having] other [security] issues too, not as bad as letting users take over your admin account, but bad too."
Web-app.net Webapp 0.9.9.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »