Vulnerabilities > Ultrapop
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-12 | CVE-2014-7263 | Cross-Site Scripting vulnerability in Ultrapop I-Httpd Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted HTTP header, a different vulnerability than CVE-2014-7261. | 4.3 |
2014-12-12 | CVE-2014-7262 | Cross-Site Scripting vulnerability in Ultrapop I-Httpd Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string. | 4.3 |
2014-12-12 | CVE-2014-7261 | Cross-Site Scripting vulnerability in Ultrapop I-Httpd Cross-site scripting (XSS) vulnerability in ULTRAPOP.JP i-HTTPD allows remote attackers to inject arbitrary web script or HTML via a crafted string that is improperly rendered during construction of a directory index page, a different vulnerability than CVE-2014-7263. | 4.3 |
2014-12-12 | CVE-2014-7260 | Code Injection vulnerability in Ultrapop I-Httpd The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives. | 7.5 |