Vulnerabilities > Ultrapop

DATE CVE VULNERABILITY TITLE RISK
2014-12-12 CVE-2014-7263 Cross-Site Scripting vulnerability in Ultrapop I-Httpd
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261.
network
ultrapop CWE-79
4.3
2014-12-12 CVE-2014-7262 Cross-Site Scripting vulnerability in Ultrapop I-Httpd
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string.
network
ultrapop CWE-79
4.3
2014-12-12 CVE-2014-7261 Cross-Site Scripting vulnerability in Ultrapop I-Httpd
Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263.
network
ultrapop CWE-79
4.3
2014-12-12 CVE-2014-7260 Code Injection vulnerability in Ultrapop I-Httpd
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives.
network
low complexity
ultrapop CWE-94
7.5