VYPR
Vendor

Instaguide

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2007-5674Oct 24, 2007
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PageName parameter.

  • CVE-2023-30715Sep 6, 2023
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

  • CVE-2022-28780May 3, 2022
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.

  • CVE-2022-25815Mar 8, 2022
    risk 0.00cvss epss 0.00

    PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.