Vulnerabilities > IPA
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-22 | CVE-2017-2173 | Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2017-04-28 | CVE-2017-2102 | Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0 Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 6.8 |
2017-04-28 | CVE-2017-2101 | Improper Authentication vulnerability in IPA Appgoat 3.0.0 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to perform arbitrary operations via unspecified vectors. | 7.5 |
2017-04-28 | CVE-2017-2100 | Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier allows remote attackers to conduct DNS rebinding attacks via unspecified vectors. | 6.8 |
2017-04-28 | CVE-2017-2099 | Remote Code Execution vulnerability in IPA Appgoat 3.0.0 Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote code execution via unspecified vectors. network ipa | 6.8 |
2014-11-15 | CVE-2014-7248 | Cross-Site Scripting vulnerability in IPA Ilogscanner 4.0 Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file. | 4.3 |