Sign in Get started

← All vendors

Vendor

Webtrends

Sign in to watch

Products

8

CVEs

6

Across products

11

Status

Private

Products

8

Reporting Center
3 CVEs
Webtrends Log Analyzer
2 CVEs
Webtrends Enterprise Reporting Server
1 CVE
Webtrends Enterprise Reporting Server Nt
1 CVE
Webtrends Enterprise Suite
1 CVE
Webtrends For Firewalls
1 CVE
Webtrends Professional Suite
1 CVE
Webtrends Security Analyzer
1 CVE

Recent CVEs

6

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2004-2748		0.04	—	0.07		Dec 31, 2004	viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message.
CVE-2002-0595		0.03	—	0.05		Jun 18, 2002	Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory.
CVE-2001-0693		0.03	—	0.05		Sep 20, 2001	WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).
CVE-2003-1583		0.00	—	0.00		Feb 5, 2010	Cross-site scripting (XSS) vulnerability in WebTrends allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
CVE-2002-0596		0.00	—	0.01		Jun 18, 2002	WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.
CVE-1999-0916		0.00	—	0.00		Jun 29, 1999	WebTrends software stores account names and passwords in a file which does not have restricted access permissions.