Vulnerabilities > Andrey Cherezov > Acweb > 1.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2421 | Improper Input Validation vulnerability in Andrey Cherezov Acweb 1.14 acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. | 7.8 |
2002-12-31 | CVE-2002-2171 | Cross-Site Scripting vulnerability in Andrey Cherezov Acweb 1.14/1.8 Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arbitrary HTML and web script via a URL, possibly via a "%db" request in a URL. network andrey-cherezov | 4.3 |