Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hfs http file server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0405
Multiple directory traversal vulnerabilities in HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allow remote malicious users to create arbitrary (1) files and (2) directories via a .. (dot dot) in an account name, when requesting the / URI; and...
Hfs Http File Server
NA
CVE-2008-0406
HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allows remote malicious users to cause a denial of service (daemon crash) via a long account name.
Hfs Http File Server
1 EDB exploit
NA
CVE-2008-0407
HTTP File Server (HFS) prior to 2.2c tags HTTP request log entries with the username sent during HTTP Basic Authentication, regardless of whether authentication succeeded, which might make it more difficult for an administrator to determine who made a remote request.
Hfs Http File Server
NA
CVE-2008-0408
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
Hfs Http File Server
NA
CVE-2008-0409
Cross-site scripting (XSS) vulnerability in HTTP File Server (HFS) prior to 2.2c allows remote malicious users to inject arbitrary web script or HTML via the userinfo subcomponent of a URL.
Hfs Http File Server
NA
CVE-2008-0410
HTTP File Server (HFS) prior to 2.2c allows remote malicious users to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a username and password, as demonstrated by placing this id element i...
Hfs Http File Server
9.8
CVSSv3
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x prior to 2.3c allows remote malicious users to execute arbitrary programs via a %00 sequence in a search action.
Rejetto Http File Server
3 EDB exploits
14 Github repositories
7.5
CVSSv3
CVE-2020-13432
rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote malicious users to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.
Rejetto Http File Server 2.3m
NA
CVE-2014-7226
The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and previous versions allows remote malicious users to execute arbitrary code by uploading a file with certain invalid UTF-8 byte sequences that are interpreted as executable macro symbols.
Rejetto Http File Server
1 EDB exploit
NA
CVE-2004-1084
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote malicious users to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
Apple Quicktime Streaming Server 4.1.1
Apple Darwin Streaming Server 4.1.3
Apple Darwin Streaming Server 5.0.1
Apple Mac Os X 10.2
Apple Mac Os X 10.2.1
Apple Mac Os X 10.2.2
Apple Mac Os X 10.3
Apple Mac Os X 10.3.1
Apple Mac Os X Server 10.2.1
Apple Mac Os X Server 10.2.2
Apple Mac Os X Server 10.3.1
Apple Mac Os X Server 10.3.2
Apple Mac Os X 10.2.7
Apple Mac Os X 10.2.8
Apple Mac Os X 10.3.6
Apple Mac Os X Server 10.2
Apple Mac Os X Server 10.2.7
Apple Mac Os X Server 10.2.8
Apple Mac Os X Server 10.3
Apple Mac Os X 10.2.5
Apple Mac Os X 10.2.6
Apple Mac Os X 10.3.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »