Filtered by vendor Webpagetest Subscriptions
Filtered by product Webpagetest Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-17199 2 Microsoft, Webpagetest 2 Windows, Webpagetest 2024-11-21 7.5 High
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.
CVE-2019-12161 1 Webpagetest 1 Webpagetest 2024-11-21 N/A
WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168).