Vulnerabilities > IPA

DATE CVE VULNERABILITY TITLE RISK
2017-05-22 CVE-2017-2173 Cross-site Scripting vulnerability in IPA Empirical Project Monitor - Extended
Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ipa CWE-79
3.5
2017-04-28 CVE-2017-2102 Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0
Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
ipa CWE-352
6.8
2017-04-28 CVE-2017-2101 Improper Authentication vulnerability in IPA Appgoat 3.0.0
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to perform arbitrary operations via unspecified vectors.
network
low complexity
ipa CWE-287
7.5
2017-04-28 CVE-2017-2100 Improper Input Validation vulnerability in IPA Appgoat 3.0.0/3.0.1
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier allows remote attackers to conduct DNS rebinding attacks via unspecified vectors.
network
ipa CWE-20
6.8
2017-04-28 CVE-2017-2099 Remote Code Execution vulnerability in IPA Appgoat 3.0.0
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote code execution via unspecified vectors.
network
ipa
6.8
2014-11-15 CVE-2014-7248 Cross-Site Scripting vulnerability in IPA Ilogscanner 4.0
Cross-site scripting (XSS) vulnerability in IPA iLogScanner 4.0 allows remote attackers to inject arbitrary web script or HTML by triggering a crafted entry in a log file.
network
ipa CWE-79
4.3