Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Progress Subscribe
Filtered by product Webspeed
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2506 1 Progress 2 Progress, Webspeed 2018-10-16 7.8 HIGH N/A
WebSpeed 3.x in OpenEdge 10.x in Progress Software Progress 9.1e, and certain other 9.x versions, allows remote attackers to cause a denial of service (infinite loop and daemon hang) via a messenger URL that invokes _edit.r with no additional parameters, as demonstrated by requests for cgiip.exe or wsisa.dll with WService=wsbroker1/_edit.r in the PATH_INFO.
CVE-2000-0127 1 Progress 1 Webspeed 2008-09-10 7.5 HIGH N/A
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.