Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http file server vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv2
CVE-2001-0131
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack.
Apache Http Server 1.3.14
Apache Http Server 2.0
Debian Debian Linux 2.2
5
CVSSv2
CVE-2000-0897
Small HTTP Server 2.03 and previous versions allows remote malicious users to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
Max Feoktistov Small Http Server 2.01
1 EDB exploit
4.6
CVSSv2
CVE-2004-0747
Buffer overflow in Apache 2.0.50 and previous versions allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
Apache Http Server
4
CVSSv2
CVE-2015-5711
TIBCO Managed File Transfer Internet Server prior to 7.2.5, Managed File Transfer Command Center prior to 7.2.5, Slingshot prior to 1.9.4, and Vault prior to 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request.
Tibco Managed File Transfer Internet Server
Tibco Vault
Tibco Managed File Transfer Command Center
Tibco Slingshot
7.2
CVSSv2
CVE-2004-2343
Apache HTTP Server 2.0.47 and previous versions allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. NOTE: the vendor has disputed this issue, since the .htaccess mechanism...
Apache Http Server
4.3
CVSSv2
CVE-2007-6514
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote malicious users to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended...
Apache Http Server 2.2.6
Apache Http Server 2.2.6
1 EDB exploit
NA
CVE-2014-125098
A vulnerability was found in Dart http_server up to 0.9.5 and classified as problematic. Affected by this issue is the function VirtualDirectory of the file lib/src/virtual_directory.dart of the component Directory Listing Handler. The manipulation of the argument request.uri.pat...
Dart Http Server
5
CVSSv2
CVE-2008-0758
Multiple directory traversal vulnerabilities in the Zidget/HTTP embedded HTTP server in ExtremeZ-IP File and Print Server 5.1.2x15 and previous versions allow remote malicious users to read arbitrary (1) gif, (2) png, (3) jpg, (4) xml, (5) ico, (6) zip, and (7) html files via a &...
Group Logic Extremez-ip File Server
Group Logic Extremez-ip Print Server
7.5
CVSSv2
CVE-2001-0308
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions prior to 0.80, allows remote malicious users to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
Bajie Java Http Server
1 EDB exploit
6.2
CVSSv2
CVE-2007-1741
Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is relia...
Apache Http Server 2.2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »