Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mini httpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0263
A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has bee...
Acme Ultra Mini Httpd 1.21
4
CVSSv2
CVE-2018-18778
ACME mini_httpd prior to 1.30 lets remote users read arbitrary files.
Acme Mini-httpd
3 Github repositories
7.5
CVSSv2
CVE-2017-17663
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
Acme Thttpd
Acme Mini Httpd
5
CVSSv2
CVE-2015-1548
mini_httpd 1.21 and previous versions allows remote malicious users to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.
Acme Mini Httpd
10
CVSSv2
CVE-2013-5019
Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote malicious users to execute arbitrary code via a long resource name in an HTTP request.
Vector Ultra Mini Httpd 1.21
4 EDB exploits
5
CVSSv2
CVE-2009-4488
Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termin...
Varnish.projects.linpro Varnish 2.0.6
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2009-4489
header.c in Cherokee prior to 0.99.32 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an esca...
Cherokee-project Cherokee
1 EDB exploit
5
CVSSv2
CVE-2009-4494
AOLserver 4.5.1 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Aol Aolserver 4.5.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-4487
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termina...
F5 Nginx 0.7.64
1 EDB exploit
7.5
CVSSv2
CVE-2009-4492
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, ...
Ruby-lang Webrick 1.3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »