Wwwisis: Security Vulnerabilities
Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary files via a .. (dot dot) in the IsisScript parameter to iah.
CVSS Score
5.0
EPSS Score
0.014
Published
2007-10-16
Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter.
CVSS Score
4.3
EPSS Score
0.037
Published
2007-10-14
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog.
CVSS Score
10.0
EPSS Score
0.044
Published
2002-08-12