VYPR

IRIS WebForms

by Systematic

CVEs (2)

  • CVE-2019-18925CriNov 12, 2019
    risk 0.64cvss 9.8epss 0.01

    Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

  • CVE-2019-18924MedNov 12, 2019
    risk 0.35cvss 5.3epss 0.01

    Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.