IRIS WebForms
by Systematic
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18925 | Cri | 0.64 | 9.8 | 0.01 | Nov 12, 2019 | Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication. | ||
| CVE-2019-18924 | Med | 0.35 | 5.3 | 0.01 | Nov 12, 2019 | Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists. |
- risk 0.64cvss 9.8epss 0.01
Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.
- risk 0.35cvss 5.3epss 0.01
Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.