Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server 2.0.58 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-4110
Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive fil...
Apache Http Server 2.2.3
Apache Http Server 2.0.58
Apache Http Server 2.2.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-6203
Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components...
Apache Http Server 2.0.51
Apache Http Server 2.0.52
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.2
Apache Http Server 2.2.3
Apache Http Server 2.0.46
Apache Http Server 2.0.53
Apache Http Server 2.0.54
Apache Http Server 2.0.55
Apache Http Server 2.1.4
Apache Http Server 2.1.5
Apache Http Server 2.2.4
Apache Http Server 2.0.47
Apache Http Server 2.0.48
Apache Http Server 2.0.57
Apache Http Server 2.0.58
Apache Http Server 2.1.6
Apache Http Server 2.1.7
Apache Http Server 2.0.49
Apache Http Server 2.0.50
Apache Http Server 2.0.59
1 EDB exploit
6.8
CVSSv2
CVE-2006-4154
Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent malicious users to execute arbitrary code via format string specifiers that are not properly handled in a set_var function call in (1) tcl_cmds.c and (2) tcl_core.c.
Apache Http Server 2.0.28
Apache Http Server 2.0.32
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.48
Apache Http Server 2.0.49
Apache Http Server 2.0.56
Apache Http Server 2.0.57
Apache Http Server 2.1.3
Apache Http Server 2.1.4
Apache Http Server 2.1.5
Apache Http Server 2.0.37
Apache Http Server 2.0.38
Apache Http Server 2.0.46
Apache Http Server 2.0.47
Apache Http Server 2.0.54
Apache Http Server 2.0.55
Apache Http Server 2.1.1
Apache Http Server 2.1.2
Apache Http Server 2.2.3
Apache Http Server 2.0
Apache Http Server 2.0.35
4.3
CVSSv2
CVE-2008-2168
Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and previous versions allows remote malicious users to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page.
Apache Http Server 2.0.28
Apache Http Server 2.0
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.39
Apache Http Server 2.0.40
Apache Http Server 2.0.41
Apache Http Server 2.0.48
Apache Http Server 2.0.49
Apache Http Server 2.0.56
Apache Http Server 2.0.57
Apache Http Server 2.1.2
Apache Http Server 2.1.3
Apache Http Server 2.2.1
Apache Http Server 2.2.2
Apache Http Server 2.0.34
Apache Http Server 2.0.42
Apache Http Server 2.0.43
Apache Http Server 2.0.50
Apache Http Server 2.0.51
Apache Http Server 2.0.58
Apache Http Server 2.0.59
1 EDB exploit
4.4
CVSSv2
CVE-2011-3607
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvI...
Apache Http Server 2.0.42
Apache Http Server 2.0.64
Apache Http Server 2.0.58
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.57
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.63
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.34
Apache Http Server 2.0.61
1 EDB exploit
1.2
CVSSv2
CVE-2011-4415
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a de...
Apache Http Server 2.0.55
Apache Http Server 2.0.54
Apache Http Server 2.0.46
Apache Http Server 2.0.49
Apache Http Server 2.0.63
Apache Http Server 2.0.9
Apache Http Server 2.0.35
Apache Http Server 2.0.34
Apache Http Server 2.0.37
Apache Http Server 2.0.57
Apache Http Server 2.0.56
Apache Http Server 2.0.51
Apache Http Server 2.0.48
Apache Http Server 2.0.43
Apache Http Server 2.0.60
Apache Http Server 2.0
Apache Http Server 2.0.36
Apache Http Server 2.0.39
Apache Http Server 2.0.50
Apache Http Server 2.0.53
Apache Http Server 2.0.42
Apache Http Server 2.0.45
1 EDB exploit
4.3
CVSSv2
CVE-2011-3639
The mod_proxy module in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x prior to 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse pro...
Apache Http Server 2.0.42
Apache Http Server 2.0.58
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.27
Apache Http Server 2.2.2
Apache Http Server 2.0.12
Apache Http Server 2.0.20
Apache Http Server2.0a9
Apache Http Server 2.2.4
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.2.17
Apache Http Server 2.0.44
Apache Http Server 2.2.16
Apache Http Server 2.0.39
1 EDB exploit
5
CVSSv2
CVE-2011-3368
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse pro...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
2 Nmap scripts
2 Github repositories
4.3
CVSSv2
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
5
CVSSv2
CVE-2007-6750
The Apache HTTP Server 1.x and 2.x allows remote malicious users to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions prior to 2.2.15.
Apache Http Server 1.3.18
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.23
Apache Http Server 1.2
Apache Http Server 1.3.16
Apache Http Server 1.3.15
Apache Http Server 1.0.2
Apache Http Server 1.3.34
Apache Http Server 1.3.36
Apache Http Server 1.3.0
Apache Http Server 1.3.38
Apache Http Server 1.3.42
Apache Http Server 1.3.2
Apache Http Server 1.0
Apache Http Server 1.1
Apache Http Server 1.3.1
Apache Http Server 1.3.11
Apache Http Server 1.3.30
Apache Http Server 1.3.31
Apache Http Server 1.3.5
Apache Http Server 1.4.0
1 Nmap script
17 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »