Vulnerabilities in INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA)
15 resultsCVE-2017-2179—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, EPSS 2.3%CVE-2017-2128—Security guide for website operators allows remote attackers to execute arbitrary OS commands via specially crafted saved data.EPSS 1.6%CVE-2017-2181—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspeEPSS 1.5%CVE-2017-2182—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspeEPSS 1.5%CVE-2017-2099—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote code execution via unspecified vectors.EPSS 1.5%CVE-2017-2101—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to bypass authentication to peEPSS 1.5%CVE-2017-2175—Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a TrEPSS 1.4%CVE-2017-2174—Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to inject arbitrary web scriEPSS 1.2%CVE-2017-2180—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspeEPSS 1.1%CVE-2017-2100—Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.1 and earlier allows remote attackers to conduct DNS rebinding attacEPSS 1.0%CVE-2017-2220—Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a TrojEPSS 0.9%CVE-2017-2173—Cross-site scripting vulnerability in Empirical Project Monitor - eXtended all versions allows remote authenticated attackers to inject arbiEPSS 0.9%CVE-2017-2102—Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allEPSS 0.8%CVE-2019-6019—Untrusted search path vulnerability in STAMP Workbench installer all versions allows an attacker to gain privileges via a Trojan horse DLL iEPSS 0.8%CVE-2017-2194—Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HEPSS 0.7%