Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http file server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-4110
Apache 2.2.2, when running on Windows, allows remote malicious users to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive fil...
Apache Http Server 2.2.3
Apache Http Server 2.0.58
Apache Http Server 2.2.2
1 EDB exploit
5
CVSSv2
CVE-2001-0925
The default installation of Apache prior to 1.3.19 allows remote malicious users to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2)...
Apache Http Server 1.3.12
Apache Http Server 1.3.17
Apache Http Server 1.3.14
Apache Http Server 1.3.11
Debian Debian Linux 2.2
4 EDB exploits
5
CVSSv2
CVE-2014-2545
TIBCO Managed File Transfer Internet Server prior to 7.2.2, Managed File Transfer Command Center prior to 7.2.2, Slingshot prior to 1.9.1, and Vault prior to 1.0.1 allow remote malicious users to obtain sensitive information via a crafted HTTP request.
Tibco Slingshot 1.8.1
Tibco Slingshot 1.8.0
Tibco Slingshot 1.7.0
Tibco Slingshot
Tibco Vault
Tibco Managed File Transfer Command Center 6.7
Tibco Managed File Transfer Command Center
Tibco Managed File Transfer Command Center 7.0.1
Tibco Managed File Transfer Command Center 7.2.0
Tibco Managed File Transfer Command Center 7.1.0
Tibco Managed File Transfer Command Center 7.0
Tibco Managed File Transfer Internet Server 7.2.0
Tibco Managed File Transfer Internet Server 7.1.0
Tibco Managed File Transfer Internet Server 7.0
Tibco Managed File Transfer Internet Server
Tibco Managed File Transfer Internet Server 7.0.1
Tibco Managed File Transfer Internet Server 6.7
10
CVSSv2
CVE-2004-0492
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote malicious users to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data ...
Hp Webproxy 2.0
Hp Virtualvault 11.0.4
Apache Http Server 1.3.27
Ibm Http Server 1.3.28
Apache Http Server 1.3.28
Apache Http Server 1.3.31
Hp Webproxy 2.1
Ibm Http Server 1.3.26.1
Apache Http Server 1.3.26
Apache Http Server 1.3.29
Sgi Propack 2.4
Ibm Http Server 1.3.26
Ibm Http Server 1.3.26.2
Hp Vvos 11.04
Openbsd Openbsd 3.5
Openbsd Openbsd
Openbsd Openbsd 3.4
10
CVSSv2
CVE-1999-1125
Oracle Webserver 2.1 and previous versions runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration f...
Oracle Http Server
Oracle Http Server 1.0
4
CVSSv2
CVE-2018-3713
angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.
Angular-http-server Project Angular-http-server
4.3
CVSSv2
CVE-2003-1580
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote malicious users to spoof IP addresses via crafted DNS responses conta...
Apache Http Server 2.0.44
2.6
CVSSv2
CVE-2003-1581
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote malicious users to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an &...
Apache Http Server 2.0.44
5
CVSSv2
CVE-2001-0042
PHP 3.x (PHP3) on Apache 1.3.6 allows remote malicious users to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
Apache Http Server 1.3
1 EDB exploit
7.5
CVSSv2
CVE-2002-0061
Apache for Win32 prior to 1.3.24, and 2.0.x prior to 2.0.34-beta, allows remote malicious users to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, t...
Apache Http Server
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »