VYPR

Personal Edition

by Working Resources Inc.

CVEs (4)

  • CVE-2002-1683Dec 31, 2002
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.

  • CVE-2008-2003Apr 28, 2008
    risk 0.00cvss epss 0.03

    BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3)…

  • CVE-2002-1684Dec 31, 2002
    risk 0.00cvss epss 0.05

    Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5.x and BadBlue Personal Edition 1.5.6 allows remote attackers to read arbitrary files via a ../ (dot dot slash) in the script used to read Microsoft Office documents.

  • CVE-2001-1140Aug 22, 2001
    risk 0.00cvss epss 0.02

    BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request.