Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1039
SAP Web Application Server (WebAS) Kernel prior to 7.0 allows remote malicious users to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers.
Sap Sap Web Application Server 6.20
Sap Sap Web Application Server 6.40
Sap Sap Web Application Server 6.10
1 EDB exploit
NA
CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.
Oracle Application Server Web Cache 2.0.0.2
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
NA
CVE-2002-2370
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote malicious users to cause a denial of service (crash) via a URL request that does not end with a newline.
Sws Sws Simple Web Server 0.0.4
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.1.0
1 EDB exploit
NA
CVE-2004-0676
Directory traversal vulnerability in Fastream NETFile FTP/Web Server 6.7.2.1085 and previous versions allows remote malicious users to create or delete arbitrary files via .. (dot dot) and // (double slash) sequences in the filename parameter.
Fastream Netfile Ftp Web Server 6.5.1.980
Fastream Netfile Ftp Web Server 6.7.2.1085
Fastream Netfile Ftp Web Server 6.5.1.981
1 EDB exploit
NA
CVE-2002-0102
Oracle9iAS Web Cache 2.0.0.x allows remote malicious users to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
6.1
CVSSv3
CVE-2017-20185
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWMP. It has been rated as problematic. This issue affects some unknown processing of the file swmp.php of the component GET Parameter Handler. The manipulation of the argument theme leads to cross site scripting....
Server Web Monitor Page Project Server Web Monitor Page
6.1
CVSSv3
CVE-2021-37573
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page
Tiny Java Web Server Project Tiny Java Web Server
NA
CVE-2001-0186
Directory traversal vulnerability in Free Java Web Server 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Free Java Web Server Free Java Web Server 1.0
NA
CVE-2004-2120
Reptile Web Server allows remote malicious users to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version.
Reptile Web Server Reptile Web Server 2002-01-05
1 EDB exploit
NA
CVE-2006-2501
Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and previous versions, Java System Web Server 6.1 SP4 and previous versions, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and previous versions, and Java System Application Server 7 2004...
Sun Java System Web Server 6.1
Sun One Application Server 7.0
Sun One Web Server 6.0
Sun One Application Server
Sun One Web Server
Sun One Application Server 6.0
Sun Java System Application Server
Sun Java System Web Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »