Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-3352
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd prior to 1.3.35-dev and Apache httpd 2.0.x prior to 2.0.56-dev allows remote malicious users to inject arbitrary web script or HTML via the Referer when using image maps.
Apache Http Server 2.2
Apache Http Server
4
CVSSv2
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
7.5
CVSSv2
CVE-2021-23797
All versions of package http-server-node are vulnerable to Directory Traversal via use of --path-as-is.
Http-server-node Project Http-server-node
10
CVSSv2
CVE-1999-1125
Oracle Webserver 2.1 and previous versions runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration f...
Oracle Http Server
Oracle Http Server 1.0
5
CVSSv2
CVE-2020-29596
MiniWeb HTTP server 0.8.19 allows remote malicious users to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
Miniweb Http Server Project Miniweb Http Server 0.8.19
1 Github repository
4.3
CVSSv2
CVE-2018-2760
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). Supported versions that are affected are 12.1.3 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise ...
Oracle Http Server 12.1.3
Oracle Http Server 12.2.1.2
NA
CVE-2022-21593
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
7.5
CVSSv2
CVE-2013-4743
Static HTTP Server 1.0 has a Local Overflow
Static Http Server Project Static Http Server 1.0
1 EDB exploit
5
CVSSv2
CVE-2000-1206
Vulnerability in Apache httpd prior to 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote malicious users to retrieve arbitrary files.
Apache Http Server 1.3.10
Apache Http Server 1.3.9
5.5
CVSSv2
CVE-2021-40668
The Android application HTTP File Server (Version 1.4.1) by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write.
Http File Server Project Http File Server 1.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »