Vice : Security vulnerabilities, CVEs

Copy

CVE-2021-42839

Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services.

Max CVSS

9.0

EPSS Score

8.17%

Published

2021-11-15

Updated

2021-11-16

CVE-2021-42838

Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks.

Max CVSS

6.1

EPSS Score

0.08%

Published

2021-11-15

Updated

2021-11-16

CVE-2004-0453

Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string.

Max CVSS

7.2

EPSS Score

0.05%

Published

2004-08-06

Updated

2017-07-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!