Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2004-2327
Vizer Web Server 1.9.1 allows remote malicious users to cause a denial of service (crash) via multiple malformed requests including (1) requests without GET, (2) GET requests without HTTP, (3) or long GET requests.
Vizer Web Server Vizer Web Server 1.9.1
435
VMScore
CVE-2004-2618
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote malicious users to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
Pegasi Web Server Pegasi Web Server 0.2.2
1 EDB exploit
505
VMScore
CVE-2005-3475
Hasbani Web Server (WindWeb) 2.0 allows remote malicious users to cause a denial of service (infinite loop) via HTTP crafted GET requests.
Hasbani Web Server Hasbani Web Server 2.0
1 EDB exploit
505
VMScore
CVE-1999-1082
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote malicious users to ready arbitrary files via a "......" (modified dot dot) attack.
T. Hauck Jana Web Server 1.0
T. Hauck Jana Web Server 1.40
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 1.46
1 EDB exploit
505
VMScore
CVE-2005-3634
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allows remote malicious users to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
Sap Sap Web Application Server 6.40
Sap Sap Web Application Server 7.0
Sap Sap Web Application Server 6.10
Sap Sap Web Application Server 6.20
1 EDB exploit
505
VMScore
CVE-2001-0558
T. Hauck Jana Webserver 2.01 beta 1 and previous versions allows a remote malicious user to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0).
T. Hauck Jana Web Server 2.0b2
T. Hauck Jana Web Server 2.0beta1
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 1.46
1 EDB exploit
890
VMScore
CVE-2000-0812
The administration module in Sun Java web server allows remote malicious users to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
Sun Java System Web Server 1.1.2
Sun Java System Web Server 1.1.3
Sun Java System Web Server 1.1 Beta
Sun Java System Web Server 2.0
890
VMScore
CVE-2002-1641
Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote malicious users to execute arbitrary code via unknown vectors.
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Application Server Web Cache 2.0.0.3
540
VMScore
CVE-2002-1864
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 up to and including 0.1.0 allows remote malicious users to read arbitrary files via a ".." (dot dot) in an HTTP request.
Sws Sws Simple Web Server 0.1.1
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.1.0
Sws Sws Simple Web Server 0.0.4
445
VMScore
CVE-2002-1866
Simple Web Server (SWS) 0.0.4 up to and including 0.1.0 does not close file descriptors for 404 error messages, which could allow remote malicious users to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist.
Sws Sws Simple Web Server 0.1.1
Sws Sws Simple Web Server 0.0.4
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »