Filtered by vendor Webpagetest
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-17199 | 2 Microsoft, Webpagetest | 2 Windows, Webpagetest | 2024-11-21 | 7.5 High |
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring. | ||||
CVE-2019-12161 | 1 Webpagetest | 1 Webpagetest | 2024-11-21 | N/A |
WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses (such as 0300.0250 as a replacement for 192.168). |
Page 1 of 1.