Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mini httpd vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2001-0893
Acme mini_httpd prior to 1.16 allows remote malicious users to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
Acme Mini Httpd
445
VMScore
CVE-2015-1548
mini_httpd 1.21 and previous versions allows remote malicious users to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.
Acme Mini Httpd
357
VMScore
CVE-2018-18778
ACME mini_httpd prior to 1.30 lets remote users read arbitrary files.
Acme Mini-httpd
3 Github repositories
505
VMScore
CVE-2009-4490
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Acme Mini Httpd 1.19
1 EDB exploit
NA
CVE-2024-0263
A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has bee...
Acme Ultra Mini Httpd 1.21
668
VMScore
CVE-2017-17663
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
Acme Thttpd
Acme Mini Httpd
1000
VMScore
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote malicious users to execute arbitrary code via a long resource name in an HTTP request.
Vector Ultra Mini Httpd 1.21
4 EDB exploits
685
VMScore
CVE-2009-4487
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termina...
F5 Nginx 0.7.64
1 EDB exploit
505
VMScore
CVE-2009-4495
Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal e...
Yaws Yaws 1.85
1 EDB exploit
505
VMScore
CVE-2009-4494
AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Aol Aolserver 4.5.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »