Vulnerabilities > Webpagetest

DATE CVE VULNERABILITY TITLE RISK
2019-10-05 CVE-2019-17199 Path Traversal vulnerability in Webpagetest 19.04
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\..
network
low complexity
webpagetest CWE-22
5.0
2019-05-17 CVE-2019-12161 Server-Side Request Forgery (SSRF) vulnerability in Webpagetest 19.04
WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).
network
low complexity
webpagetest CWE-918
4.0