Yaws Yaws
4 CVEs affecting Yaws Yaws. Latest disclosed: 2019-11-26. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-10974 | High | 7.5 | 2017-07-07 | Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial… |
CVE-2011-4350 | | 2019-11-26 | Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of a… | |
CVE-2011-5025 | | 2011-12-29 | Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1)… | |
CVE-2010-4181 | | 2010-11-04 | Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences. |