Vulnerabilities (CVE)

Filtered by vendor Fujitsu-siemens Subscribe
Filtered by product Webtransactions
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5810 1 Fujitsu-siemens 1 Webtransactions 2024-02-04 10.0 HIGH N/A
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.
CVE-2008-5842 1 Fujitsu-siemens 1 Webtransactions 2024-02-04 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with (1) a demo application shipped with WebTransactions and possibly (2) an unspecified "dynamic application."