Skip to main content

Websvn

4 CVEs product

Monthly

CVE-2021-32305 CRITICAL POC PATCH THREAT Act Now

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Websvn
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
86.7%
CVE-2016-1236 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Websvn Debian Linux
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-2511 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Debian Linux Websvn
NVD
CVSS 3.0
6.1
EPSS
0.5%
CVE-2013-6892 LOW Monitor

WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Websvn Debian Linux
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 87% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Websvn
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in (1) revision.php, (2) log.php, (3) listing.php, and (4) comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Websvn +1
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Debian Linux +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Websvn Debian Linux
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy