Web Security Vulnerabilities
Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP...
7.9AI Score
0.001EPSS
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user...
7.8AI Score
0.007EPSS
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage...
6.7AI Score
0.009EPSS
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml...
7.8AI Score
0.002EPSS
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois"...
7.7AI Score
0.188EPSS
CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the...
7.1AI Score
0.005EPSS
ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?"...
6.6AI Score
0.01EPSS
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/...
8.2AI Score
0.004EPSS
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI...
6.7AI Score
0.01EPSS
The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler...
7.9AI Score
0.003EPSS
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components"...
6.5AI Score
0.004EPSS
The Bluestone Sapphire web server allows session hijacking via easily guessable session...
7AI Score
0.004EPSS
iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel...
6.5AI Score
0.003EPSS
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a...
6.8AI Score
0.019EPSS
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot)...
6.9AI Score
0.712EPSS
7AI Score
0.002EPSS
Falcon web server allows remote attackers to determine the absolute path of the web root via long file...
7.1AI Score
0.005EPSS
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot)...
7.1AI Score
0.004EPSS
7.1AI Score
0.002EPSS
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search...
7.1AI Score
0.012EPSS
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable...
7.1AI Score
0.0004EPSS
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard...
6.4AI Score
0.861EPSS