Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
goahead vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1568
GoAhead WebServer prior to 2.1.6 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function.
Goahead Goahead Webserver 2.1.2
Goahead Goahead Webserver 2.1
Goahead Software Goahead Webserver
Goahead Software Goahead Webserver 2.1.4
Goahead Software Goahead Webserver 2.1.3
Goahead Goahead Webserver 2.1.1
Goahead Goahead Webserver 2.0
NA
CVE-2002-2428
webs.c in GoAhead WebServer prior to 2.1.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data.
Goahead Goahead Webserver
Goahead Goahead Webserver 2.1.2
Goahead Goahead Webserver 2.1.1
Goahead Goahead Webserver 2.1
Goahead Goahead Webserver 2.0
NA
CVE-2002-2429
webs.c in GoAhead WebServer prior to 2.1.4 allows remote malicious users to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header.
Goahead Goahead Webserver 2.1
Goahead Goahead Webserver 2.1.2
Goahead Goahead Webserver 2.0
Goahead Goahead Webserver
Goahead Goahead Webserver 2.1.1
NA
CVE-2002-2431
Unspecified vulnerability in GoAhead WebServer prior to 2.1.4 allows remote malicious users to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c.
Goahead Goahead Webserver 2.1.2
Goahead Goahead Webserver 2.1.1
Goahead Goahead Webserver 2.1
Goahead Goahead Webserver 2.0
Goahead Goahead Webserver
NA
CVE-2002-1603
GoAhead Web Server 2.1.7 and previous versions allows remote malicious users to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed.
Goahead Software Goahead Webserver 2.1.2
Goahead Software Goahead Webserver 2.1.3
Goahead Software Goahead Webserver 2.0
Goahead Software Goahead Webserver 2.1.6
Goahead Software Goahead Webserver 2.1.7
Goahead Software Goahead Webserver 2.1
Goahead Software Goahead Webserver 2.1.1
Goahead Software Goahead Webserver 2.1.4
Goahead Software Goahead Webserver 2.1.5
1 EDB exploit
NA
CVE-2002-0681
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote malicious users to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.
Goahead Software Goahead Webserver 2.1.5
Goahead Software Goahead Webserver 2.1.3
Goahead Software Goahead Webserver 2.1.4
Goahead Software Goahead Webserver 2.1.1
Goahead Software Goahead Webserver 2.1.2
1 EDB exploit
7.5
CVSSv3
CVE-2017-14149
GoAhead 3.4.0 up to and including 3.6.5 has a NULL Pointer Dereference in the websDecodeUrl function in http.c, leading to a crash for a "POST / HTTP/1.1" request.
Embedthis Goahead 3.5.0
Embedthis Goahead 3.6.0
Embedthis Goahead 3.6.1
Embedthis Goahead 3.6.2
Embedthis Goahead 3.4.4
Embedthis Goahead 3.4.5
Embedthis Goahead 3.4.6
Embedthis Goahead 3.4.7
Embedthis Goahead 3.4.1
Embedthis Goahead 3.4.3
Embedthis Goahead 3.4.8
Embedthis Goahead 3.4.10
Embedthis Goahead 3.4.12
Embedthis Goahead 3.6.3
Embedthis Goahead 3.6.5
Embedthis Goahead 3.4.2
Embedthis Goahead 3.4.9
Embedthis Goahead 3.4.11
Embedthis Goahead 3.6.4
Embedthis Goahead 3.4.0
NA
CVE-2002-2427
The security handler in GoAhead WebServer prior to 2.1.1 allows remote malicious users to bypass authentication and obtain access to protected web content via "an extra slash in a URL," a different vulnerability than CVE-2002-1603.
Goahead Goahead Webserver
Goahead Goahead Webserver 2.0
NA
CVE-2002-2430
GoAhead WebServer prior to 2.1.1 allows remote malicious users to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server.
Goahead Goahead Webserver 2.0
Goahead Goahead Webserver
NA
CVE-2014-9707
EmbedThis GoAhead 3.0.0 up to and including 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote malicious users to conduct directory traversal attacks, cause a denial of service (heap-based buffer overflow and crash), or possibly execute arbi...
Embedthis Goahead 3.0.0
Embedthis Goahead 3.3.2
Embedthis Goahead 3.3.1
Embedthis Goahead 3.4.0
Embedthis Goahead 3.3.6
Embedthis Goahead 3.3.5
Embedthis Goahead 3.3.4
Embedthis Goahead 3.3.3
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »