VYPR

weborf

by Weborf

Source repositories

CVEs (3)

  • CVE-2023-46586CriOct 9, 2024
    risk 0.52cvss 9.1epss 0.01

    cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for CGI scripts because strncpy is misused.

  • CVE-2011-0529HigNov 20, 2019
    risk 0.49cvss 7.5epss 0.01

    Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.

  • CVE-2010-3306Sep 24, 2010
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allows remote attackers to read arbitrary files via ..%2f sequences in a URI.