RSS   Vulnerabilities for 'Webtransactions'   RSS

2009-01-05
 
CVE-2008-5842

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via vectors associated with (1) a demo application shipped with WebTransactions and possibly (2) an unspecified "dynamic application."

 
2009-01-02
 
CVE-2008-5810

CWE-20
 

 
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.

 


Copyright 2024, cxsecurity.com

 

Back to Top