Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http file server vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2008-0406
HTTP File Server (HFS) prior to 2.2c, when account names are used as log filenames, allows remote malicious users to cause a denial of service (daemon crash) via a long account name.
Hfs Http File Server
1 EDB exploit
1000
VMScore
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x prior to 2.3c allows remote malicious users to execute arbitrary programs via a %00 sequence in a search action.
Rejetto Http File Server
3 EDB exploits
14 Github repositories
445
VMScore
CVE-2020-13432
rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote malicious users to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.
Rejetto Http File Server 2.3m
NA
CVE-2023-4118
A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to th...
Iscute Cute Http File Server 2.0
441
VMScore
CVE-2003-1307
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the...
Apache Http Server 2.0.42
Apache Http Server 2.0.47
Apache Http Server 2.0.28
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.32
Apache Http Server 2.0.44
Apache Http Server 2.0.34
Apache Http Server 2.0.39
Apache Http Server 2.0.46
Apache Http Server 2.0.41
Apache Http Server 2.0.9
Apache Http Server 2.0.38
Apache Http Server 2.0.48
Apache Http Server 2.0.45
Apache Http Server 2.0.40
Apache Http Server 2.0.36
Apache Http Server 2.0.43
Apache Http Server 2.0
2 EDB exploits
2 Github repositories
755
VMScore
CVE-2002-2029
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote malicious users to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
Apache Http Server 1.3.16
Apache Http Server 1.3.17
Apache Http Server 1.3.18
Apache Http Server 1.3.19
Apache Http Server 1.3.11
Apache Http Server 1.3.13
Apache Http Server 1.3.15
Apache Http Server 1.3.20
Apache Http Server 1.3.12
Apache Http Server 1.3.14
1 EDB exploit
435
VMScore
CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x up to and including 1.3.42, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch patt...
Apache Http Server 1.3.38
Apache Http Server 1.3.23
Apache Http Server 1.3.27
Apache Http Server 1.3.10
Apache Http Server 1.3.33
Apache Http Server 1.3.8
Apache Http Server 1.3.36
Apache Http Server 1.3.16
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 1.3.31
Apache Http Server 1.3.68
Apache Http Server 1.3.24
Apache Http Server 1.3.5
Apache Http Server 1.3.20
Apache Http Server 1.3.35
Apache Http Server 1.3.6
Apache Http Server 1.3.2
Apache Http Server 1.3.34
Apache Http Server 1.3.4
1 EDB exploit
445
VMScore
CVE-2011-3607
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvI...
Apache Http Server 2.0.42
Apache Http Server 2.0.64
Apache Http Server 2.0.58
Apache Http Server 2.0.47
Apache Http Server 2.0.56
Apache Http Server 2.0.50
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.55
Apache Http Server 2.0.44
Apache Http Server 2.0.39
Apache Http Server 2.0.52
Apache Http Server 2.0.53
Apache Http Server 2.0.57
Apache Http Server 2.0.51
Apache Http Server 2.0.28
Apache Http Server 2.0.63
Apache Http Server 2.0.41
Apache Http Server 2.0.49
Apache Http Server 2.0.9
Apache Http Server 2.0.34
Apache Http Server 2.0.61
1 EDB exploit
125
VMScore
CVE-2011-4415
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x up to and including 2.0.64 and 2.2.x up to and including 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a de...
Apache Http Server 2.0.55
Apache Http Server 2.0.54
Apache Http Server 2.0.46
Apache Http Server 2.0.49
Apache Http Server 2.0.63
Apache Http Server 2.0.9
Apache Http Server 2.0.35
Apache Http Server 2.0.34
Apache Http Server 2.0.37
Apache Http Server 2.0.57
Apache Http Server 2.0.56
Apache Http Server 2.0.51
Apache Http Server 2.0.48
Apache Http Server 2.0.43
Apache Http Server 2.0.60
Apache Http Server 2.0
Apache Http Server 2.0.36
Apache Http Server 2.0.39
Apache Http Server 2.0.50
Apache Http Server 2.0.53
Apache Http Server 2.0.42
Apache Http Server 2.0.45
1 EDB exploit
383
VMScore
CVE-2012-3499
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x prior to 2.2.24-dev and 2.4.x prior to 2.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagemap, (2) mod_info, (3)...
Apache Http Server 2.2.23
Apache Http Server 2.2
Apache Http Server 2.2.11
Apache Http Server 2.2.0
Apache Http Server 2.2.10
Apache Http Server 2.2.13
Apache Http Server 2.2.2
Apache Http Server 2.2.4
Apache Http Server 2.2.17
Apache Http Server 2.2.16
Apache Http Server 2.2.21
Apache Http Server 2.2.8
Apache Http Server 2.2.14
Apache Http Server 2.2.6
Apache Http Server 2.2.22
Apache Http Server 2.2.19
Apache Http Server 2.2.9
Apache Http Server 2.2.18
Apache Http Server 2.2.12
Apache Http Server 2.2.3
Apache Http Server 2.2.15
Apache Http Server 2.2.20
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »