Vulnerability Database
299,879
Total vulnerabilities in the database
CVE-2006-1427
Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter in cgi-bin/index.cgi, or (10) vsSD parameter in /mods/calendar/index.cgi.
| Software | From | Fixed in |
|---|---|---|
| web-app.org / webapp | 0.9.9.3 | 0.9.9.3.x |
| web-app.org / webapp | 0.9.9.3.2 | 0.9.9.3.2.x |
| web-app.org / webapp | 0.9.9.2.1 | 0.9.9.2.1.x |
| web-app.org / webapp | 0.9.9.2 | 0.9.9.2.x |
| web-app.org / webapp | 0.9.9.1 | 0.9.9.1.x |
| web-app.org / webapp | 0.9.9.3.1 | 0.9.9.3.1.x |
- http://pridels0.blogspot.com/2006/03/webapp-multiple-xss-vuln.html
- http://secunia.com/advisories/19506
- http://www.osvdb.org/24278
- http://www.osvdb.org/24279
- http://www.securityfocus.com/bid/17359
- http://www.vupen.com/english/advisories/2006/1102
- http://www.web-app.net/cgi-bin/index.cgi?action=downloadinfo&cat=pastversions&id=1
- http://www.web-app.net/cgi-bin/index.cgi?action=redirectd&cat=pastversions&id=1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25435
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime