Information on source package spotweb

Available versions

ReleaseVersion
stretch20130826+dfsg3-4
buster20130826+dfsg3-4

Open issues

BugstretchbusterDescription
CVE-2020-35545vulnerable (no DSA)vulnerable (no DSA)Time-based SQL injection exists in Spotweb 1.4.9 via the query string. ...

Open unimportant issues

BugstretchbusterDescription
CVE-2021-40973vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40972vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40971vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40970vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40969vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
CVE-2021-40968vulnerablevulnerableCross-site scripting (XSS) vulnerability in templates/installer/step-0 ...

Resolved issues

BugDescription
CVE-2021-3286SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands p ...

Search for package or bug name: Reporting problems