Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-7261 | 1 Ultrapop | 1 I-httpd | 2014-12-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263. | |||||
CVE-2014-7260 | 1 Ultrapop | 1 I-httpd | 2014-12-12 | 7.5 HIGH | N/A |
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives. | |||||
CVE-2014-7262 | 1 Ultrapop | 1 I-httpd | 2014-12-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string. | |||||
CVE-2014-7263 | 1 Ultrapop | 1 I-httpd | 2014-12-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261. |