Skip to main content

Appspider Pro

6 CVEs product

Monthly

CVE-2025-11195 LOW Monitor

Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-36857 LOW Monitor

Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Appspider Pro
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-4951 MEDIUM This Month

Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Appspider Pro
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2017-5240 HIGH This Week

Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Appspider Pro
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-5236 HIGH This Week

Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-5233 HIGH This Week

Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 3.3
LOW Monitor

Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Appspider Pro
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" field. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

XSS Appspider Pro
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Appspider Pro
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appspider Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy