Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yaws yaws vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-4491
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termin...
Acme Thttpd 2.25
1 EDB exploit
5
CVSSv2
CVE-2009-4494
AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Aol Aolserver 4.5.1
1 EDB exploit
5
CVSSv2
CVE-2009-4495
Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal e...
Yaws Yaws 1.85
1 EDB exploit
5
CVSSv2
CVE-2009-4496
Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Boa Boa 0.94.14rc21
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2009-4493
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequ...
Orion Orion Application Server 2.0.7
1 EDB exploit
5
CVSSv2
CVE-2009-0751
Yaws prior to 1.80 allows remote malicious users to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
Yaws Yaws 1.55
Yaws Yaws 1.56
Yaws Yaws 1.65
Yaws Yaws 1.66
Yaws Yaws 1.74
Yaws Yaws 1.75
Yaws Yaws 1.57
Yaws Yaws 1.58
Yaws Yaws 1.67
Yaws Yaws 1.68
Yaws Yaws 1.76
Yaws Yaws 1.77
Yaws Yaws 1.53
Yaws Yaws 1.54
Yaws Yaws 1.63
Yaws Yaws 1.64
Yaws Yaws 1.72
Yaws Yaws 1.73
Yaws Yaws 1.50
Yaws Yaws 1.51
Yaws Yaws 1.52
Yaws Yaws 1.61
1 EDB exploit
5
CVSSv2
CVE-2005-2008
Yaws Webserver 1.55 and previous versions allows remote malicious users to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null).
Yaws Webserver 1.52
Yaws Webserver 1.53
Yaws Webserver 1.50
Yaws Webserver 1.51
Yaws Webserver 1.54
Yaws Webserver 1.55
5
CVSSv2
CVE-2003-0083
Apache 1.3 prior to 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences,...
Apache Http Server
5
CVSSv2
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
4.3
CVSSv2
CVE-2011-5025
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote malicious users to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsTo...
Yaws Yaws 1.88
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »