MidnightBSD

Advisories for webct

CVE-2001-1003 MEDIUM

Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webct respondus 1.1.2
CVE-2004-1872 MEDIUM

Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webct webct campus_4.0
webct webct campus_3.8
webct webct campus_3.8.4
webct webct campus_4.1.1.5
webct webct campus_4.1
CVE-2004-2015 MEDIUM

Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webct webct campus_4.0
webct webct campus_4.1.1.5
webct webct campus_4.0_sp3_hotfix_40833
webct webct campus_4.1
webct webct campus_4.1_sp2_hotfix_40832
CVE-2005-1076 MEDIUM

Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webct webct campus_4.1