Working Resources Inc.: >> Badblue >> 1.2.7 Security Vulnerabilities
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-06-25
ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.
CVSS Score
6.4
EPSS Score
0.036
Published
2001-05-03
Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
CVSS Score
10.0
EPSS Score
0.053
Published
2001-05-03