Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-2618
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote malicious users to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
Pegasi Web Server Pegasi Web Server 0.2.2
1 EDB exploit
NA
CVE-2007-5809
Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote malicious users to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page.
Hitachi Web Server 01 01
Hitachi Web Server 02 00
Hitachi Web Server 02 02
Hitachi Web Server 02 04 B
Hitachi Web Server 03 00
Hitachi Cosminexus Developer Standard Version 6
Hitachi Cosminexus Server
Hitachi Ucosminexus Service Platform
Hitachi Web Server 01 02 D
Hitachi Web Server 02 00 A
Hitachi Web Server 02 06 A
Hitachi Cosminexus Application Server Enterprise
Hitachi Cosminexus Application Server Standard
Hitachi Ucosminexus Developer Light
Hitachi Ucosminexus Developer Professional
Hitachi Web Server 01 01 D
Hitachi Web Server 03 00 01
Hitachi Ucosminexus Application Server Enterprise
Hitachi Ucosminexus Application Server Standard
Hitachi Web Server 01 00
Hitachi Web Server 01 02 E
Hitachi Cosminexus Developer Light Version 6
NA
CVE-2007-5810
Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote malicious users to spoof authentication via a client certificate with a forged signature.
Hitachi Web Server 01 00
Hitachi Web Server 01 02 D
Hitachi Web Server 01 02 E
Hitachi Web Server 02 00 A
Hitachi Web Server 02 02
Hitachi Web Server 02 06 A
Hitachi Web Server 03 00
Hitachi Web Server 01 01
Hitachi Web Server 02 00
Hitachi Web Server 02 04 B
Hitachi Web Server 03 00 01
Hitachi Cosminexus Server
Hitachi Ucosminexus Application Server Enterprise
Hitachi Cosminexus Application Server Standard
Hitachi Cosminexus Developer Light Version 6
Hitachi Ucosminexus Developer Professional
Hitachi Ucosminexus Developer Standard
Hitachi Cosminexus Developer Professional Version 6
Hitachi Cosminexus Developer Standard Version 6
Hitachi Ucosminexus Service Architect
Hitachi Ucosminexus Service Platform
Hitachi Web Server 01 01 D
NA
CVE-2000-0812
The administration module in Sun Java web server allows remote malicious users to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
Sun Java System Web Server 1.1.2
Sun Java System Web Server 1.1.3
Sun Java System Web Server 1.1 Beta
Sun Java System Web Server 2.0
NA
CVE-2005-3634
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allows remote malicious users to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
Sap Sap Web Application Server 6.40
Sap Sap Web Application Server 7.0
Sap Sap Web Application Server 6.10
Sap Sap Web Application Server 6.20
1 EDB exploit
NA
CVE-2002-1864
Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 up to and including 0.1.0 allows remote malicious users to read arbitrary files via a ".." (dot dot) in an HTTP request.
Sws Sws Simple Web Server 0.1.1
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.1.0
Sws Sws Simple Web Server 0.0.4
NA
CVE-2002-1866
Simple Web Server (SWS) 0.0.4 up to and including 0.1.0 does not close file descriptors for 404 error messages, which could allow remote malicious users to cause a denial of service (file descriptor exhaustion) via multiple requests for pages that do not exist.
Sws Sws Simple Web Server 0.1.1
Sws Sws Simple Web Server 0.0.4
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.1.0
NA
CVE-2002-1870
Simple Web Server (SWS) 0.0.4 up to and including 0.1.0 does not properly handle when the recv function call fails, which may allow remote malicious users to overwrite program data or perform actions on an uninitialized heap, leading to a denial of service and possibly code execu...
Sws Sws Simple Web Server 0.0.3
Sws Sws Simple Web Server 0.0.4
Sws Sws Simple Web Server 0.1.0
Sws Sws Simple Web Server 0.1.1
NA
CVE-2005-3635
Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allow remote malicious users to inject arbitrary web script or HTML via (1) the sap-syscmd in sap-syscmd and (2) the BspApplication field in the SYSTEM PUBLIC tes...
Sap Sap Web Application Server 6.10
Sap Sap Web Application Server 7.0
Sap Sap Web Application Server 6.20
Sap Sap Web Application Server 6.40
1 EDB exploit
NA
CVE-2005-3633
HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 up to and including 7.00 allows remote malicious users to inject arbitrary HTML headers via the sap-exiturl parameter.
Sap Sap Web Application Server 6.10
Sap Sap Web Application Server 6.20
Sap Sap Web Application Server 6.40
Sap Sap Web Application Server 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »