Filtered by vendor Eppler Software
Subscriptions
Filtered by product Webtester
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-10037 | 2 Eppler Software, Webtester | 2 Webtester, Webtester | 2025-07-31 | N/A |
| An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are passed directly to shell commands without sanitization. A remote unauthenticated attacker can exploit this flaw by sending a crafted HTTP POST request, resulting in arbitrary command execution on the underlying system with web server privileges. | ||||
Page 1 of 1.