Lil Http Security Vulnerabilities

CVE-2002-2076

Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET...

CVE-2014-5906

The Lil Wayne Slots: FREE SLOTS (aka com.lilwayneslots.slots.android) application 1.138 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

CVE-2002-1008

Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the...

CVE-2002-1009

Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail"...

CVE-2002-0304

Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP...