Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hfs http file server vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
445
VMScore
CVE-2008-0407
HTTP File Server (HFS) prior to 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request.
Hfs Http File Server
505
VMScore
CVE-2008-0406
HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allows remote malicious users to cause a denial of service (daemon crash) via a long account name.
Hfs Http File Server
1 EDB exploit
570
VMScore
CVE-2008-0408
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
Hfs Http File Server
383
VMScore
CVE-2008-0409
Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) prior to 2.2c allows remote malicious users to inject arbitrary web script or HTML via the userinfo subcomponent of a URL.
Hfs Http File Server
445
VMScore
CVE-2008-0410
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a username and password, as demonstrated by placing this id element i...
Hfs Http File Server
1000
VMScore
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x prior to 2.3c allows remote malicious users to execute arbitrary programs via a %00 sequence in a search action.
Rejetto Http File Server
3 EDB exploits
14 Github repositories
755
VMScore
CVE-2014-7226
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and previous versions allows remote malicious users to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.
Rejetto Http File Server
1 EDB exploit
445
VMScore
CVE-2020-13432
rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote malicious users to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.
Rejetto Http File Server 2.3m
445
VMScore
CVE-2004-1084
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote malicious users to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
Apple Quicktime Streaming Server 4.1.1
Apple Darwin Streaming Server 4.1.3
Apple Darwin Streaming Server 5.0.1
Apple Mac Os X 10.2
Apple Mac Os X 10.2.1
Apple Mac Os X 10.2.2
Apple Mac Os X 10.3
Apple Mac Os X 10.3.1
Apple Mac Os X Server 10.2.1
Apple Mac Os X Server 10.2.2
Apple Mac Os X Server 10.3.1
Apple Mac Os X Server 10.3.2
Apple Mac Os X 10.2.7
Apple Mac Os X 10.2.8
Apple Mac Os X 10.3.6
Apple Mac Os X Server 10.2
Apple Mac Os X Server 10.2.7
Apple Mac Os X Server 10.2.8
Apple Mac Os X Server 10.3
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.6
Apple Mac Os X 10.3.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »