VYPR

Webweaver

by Brs

CVEs (6)

  • CVE-2003-0409Jun 30, 2003
    risk 0.04cvss epss 0.08

    Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.

  • CVE-2004-2128Dec 31, 2004
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.

  • CVE-2003-1165Dec 31, 2003
    risk 0.03cvss epss 0.06

    Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.

  • CVE-2001-0452Jun 27, 2001
    risk 0.03cvss epss 0.03

    BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.

  • CVE-2002-1546Mar 31, 2003
    risk 0.00cvss epss 0.02

    BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence.

  • CVE-2001-0453Jun 27, 2001
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.