Vulnerabilities > Webpagetest
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-05 | CVE-2019-17199 | Path Traversal vulnerability in Webpagetest 19.04 www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. | 7.5 |
| 2019-05-17 | CVE-2019-12161 | Server-Side Request Forgery (SSRF) vulnerability in Webpagetest 19.04 WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168). | 8.8 |