Cross-site scripting (XSS) vulnerability in AN HTTP 1.41d allows remote attackers to inject arbitrary web script or HTML via a colon (:) in the query string, which is inserted into the resulting error...
5.9AI Score
0.001EPSS
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long...
8.3AI Score
0.08EPSS
AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file...
6.9AI Score
0.012EPSS
Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent...
8.4AI Score
0.18EPSS
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP...
7.4AI Score
0.031EPSS
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell...
7.3AI Score
0.022EPSS