This package is not in any development repository. This probably
means that the package
has been removed
(or has been renamed). Thus the information here is of little interest ...
the package is going to disappear unless someone takes it over and
reintroduces it.
3 issues left for the package maintainer to handle:
CVE-2020-35545:
(needs triaging)
Time-based SQL injection exists in Spotweb 1.4.9 via the query string.
CVE-2021-33966:
(needs triaging)
Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page.
CVE-2021-43725:
(needs triaging)
There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.