Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yaws yaws vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-4489
header.c in Cherokee prior to 0.99.32 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an esca...
Cherokee-project Cherokee
1 EDB exploit
5
CVSSv2
CVE-2009-4490
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Acme Mini Httpd 1.19
1 EDB exploit
5
CVSSv2
CVE-2009-4493
Orion Application Server 2.0.7 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequ...
Orion Orion Application Server 2.0.7
1 EDB exploit
5
CVSSv2
CVE-2009-4494
AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Aol Aolserver 4.5.1
1 EDB exploit
5
CVSSv2
CVE-2009-4496
Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Boa Boa 0.94.14rc21
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2009-0751
Yaws prior to 1.80 allows remote malicious users to cause a denial of service (memory consumption and crash) via a request with a large number of headers.
Yaws Yaws 1.71
Yaws Yaws 1.61
Yaws Yaws 1.73
Yaws Yaws 1.65
Yaws Yaws
Yaws Yaws 1.57
Yaws Yaws 1.76
Yaws Yaws 1.68
Yaws Yaws 1.70
Yaws Yaws 1.74
Yaws Yaws 1.53
Yaws Yaws 1.77
Yaws Yaws 1.66
Yaws Yaws 1.67
Yaws Yaws 1.54
Yaws Yaws 1.52
Yaws Yaws 1.50
Yaws Yaws 1.51
Yaws Yaws 1.62
Yaws Yaws 1.78
Yaws Yaws 1.58
Yaws Yaws 1.72
1 EDB exploit
5
CVSSv2
CVE-2005-2008
Yaws Webserver 1.55 and previous versions allows remote malicious users to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null).
Yaws Webserver 1.52
Yaws Webserver 1.54
Yaws Webserver 1.53
Yaws Webserver 1.50
Yaws Webserver 1.51
Yaws Webserver 1.55
5
CVSSv2
CVE-2003-0083
Apache 1.3 prior to 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences,...
Apache Http Server
5
CVSSv2
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for malicious users to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
Apache Http Server
4.3
CVSSv2
CVE-2011-5025
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote malicious users to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsTo...
Yaws Yaws 1.88
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »