Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache http server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2000-1205
Cross site scripting vulnerabilities in Apache 1.3.0 up to and including 1.3.11 allow remote malicious users to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response fu...
Apache Http Server 1.3.10
Apache Http Server 1.3.8
Apache Http Server 1.3.1
Apache Http Server 1.3.5
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.4
Apache Http Server 1.3.0
Apache Http Server 1.3.3
Apache Http Server 1.3.9
Apache Http Server 1.3.11
Apache Http Server 1.3.7
5
CVSSv2
CVE-2010-0408
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x prior to 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote malicious users to cause a denial of service (backend ser...
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.9
Apache Http Server 2.2.12
Apache Http Server 2.2.3
5
CVSSv2
CVE-2004-0173
Directory traversal vulnerability in Apache 1.3.29 and previous versions, and Apache 2.0.48 and previous versions, when running on Cygwin, allows remote malicious users to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
Apache Http Server 1.0.3
Apache Http Server 1.0.5
Apache Http Server 1.1
Apache Http Server 1.1.1
Apache Http Server 1.0
Apache Http Server 1.0.2
Apache Http Server 1.3
Apache Http Server 0.8.11
Apache Http Server 0.8.14
Apache Http Server 1.2
Apache Http Server 1.2.5
1 EDB exploit
5
CVSSv2
CVE-2002-1593
mod_dav in Apache prior to 2.0.42 does not properly handle versioning hooks, which may allow remote malicious users to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.28
Apache Http Server 2.0
5
CVSSv2
CVE-2012-4557
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 up to and including 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote malicious users to cause a denial of service (worker consumption) via an expensive r...
Apache Http Server 2.2.13
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.14
Apache Http Server 2.2.19
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.15
Apache Http Server 2.2.20
7.5
CVSSv2
CVE-2002-2029
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote malicious users to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
Apache Http Server 1.3.16
Apache Http Server 1.3.17
Apache Http Server 1.3.18
Apache Http Server 1.3.19
Apache Http Server 1.3.11
Apache Http Server 1.3.13
Apache Http Server 1.3.15
Apache Http Server 1.3.20
Apache Http Server 1.3.12
Apache Http Server 1.3.14
1 EDB exploit
2.6
CVSSv2
CVE-2002-1233
A regression error in the Debian distributions of the apache-ssl package (prior to 1.3.9 on Debian 2.2, and prior to 1.3.26 on Debian 3.0), for Apache 1.3.27 and previous versions, allows local users to read or modify the Apache password file via a symlink attack on temporary fil...
Apache Http Server 1.3.20
Apache Http Server 1.3.25
Apache Http Server 1.3.19
Apache Http Server 1.3.24
Apache Http Server 1.3.17
Apache Http Server 1.3.22
Apache Http Server 1.3.26
Apache Http Server 1.3.18
Apache Http Server 1.3.23
Apache Http Server 1.3.27
5
CVSSv2
CVE-2000-0913
mod_rewrite in Apache 1.3.12 and previous versions allows remote malicious users to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Apache Http Server 1.0.5
Apache Http Server 0.8.11
Apache Http Server 1.1.1
Apache Http Server 1.3.11
Apache Http Server 1.0.2
Apache Http Server 1.1
Apache Http Server 1.0
Apache Http Server 1.0.3
Apache Http Server 1.3.12
Apache Http Server 0.8.14
5
CVSSv2
CVE-2003-0245
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 up to and including 2.0.45 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML ...
Apache Http Server 2.0.42
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.41
Apache Http Server 2.0.38
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.43
1 EDB exploit
7.5
CVSSv2
CVE-2002-0661
Directory traversal vulnerability in Apache 2.0 up to and including 2.0.39 on Windows, OS2, and Netware allows remote malicious users to read arbitrary files and execute commands via .. (dot dot) sequences containing \ (backslash) characters.
Apache Http Server 2.0.28
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.34
Apache Http Server 2.0.39
Apache Http Server 2.0.38
Apache Http Server 2.0.36
Apache Http Server 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »