Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2128 | 1 Brs | 1 Webweaver | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll. | |||||
| CVE-2003-1165 | 1 Brs | 1 Webweaver | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | |||||
| CVE-2003-0409 | 1 Brs | 1 Webweaver | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request. | |||||
| CVE-2003-1235 | 1 Brs | 1 Webweaver | 2008-09-05 | 5.0 MEDIUM | N/A |
| BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory. | |||||
| CVE-2002-1546 | 1 Brs | 1 Webweaver | 2008-09-05 | 7.5 HIGH | N/A |
| BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and directories via an HTTP request containing a "/./" sequence. | |||||
| CVE-2001-0452 | 1 Brs | 1 Webweaver | 2008-09-05 | 5.0 MEDIUM | N/A |
| BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | |||||
| CVE-2001-0453 | 1 Brs | 1 Webweaver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories. | |||||