Filtered by vendor Webwasher
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4514 | 1 Webwasher | 1 Csm Appliance Suite | 2024-11-21 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and has asked the researcher for more information, without a response as of 20060103. | |||||
| CVE-2005-0316 | 1 Webwasher | 1 Webwasher Classic | 2024-11-20 | 7.5 HIGH | N/A |
| WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions. | |||||