VYPR

Winamp Web Interface (Wawi)

by Winamp

CVEs (2)

  • CVE-2006-6512Dec 14, 2006
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.

  • CVE-2006-6513Dec 14, 2006
    risk 0.00cvss epss 0.01

    The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous behavior of the…