Astra Linux - уязвимость в apache2

The out-of-bounds write vulnerability in the modsed module of the Apache HTTP Server allows an attacker to overwrite heap memory with data provided by the attacker. This issue affects Apache HTTP Server version 2.4.2.52 and earlier versions...

RHEL 7 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - httpd: modproxy: X-Forwarded-For dropped by hop-by-hop mechanism CVE-2022-31813 - Apache HTTP Server...

Tramyardg Autoexpress 1.3.0 SQL Injection Vulnerability

Exploit Title: tramyardg autoexpress - SQL Injection Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48901 References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48901...

Tramyardg Autoexpress 1.3.0 SQL Injection

Exploit Title: tramyardg autoexpress - SQL Injection Google Dork: N/A Date: 11/28/2023 Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48901 References:...

Tramyardg Autoexpress 1.3.0 Cross Site Scripting

Exploit Title: tramyardg autoexpress - Stored Cross-Site Scripting XSS Google Dork: N/A Date: 11/28/2023 Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48903 References:...

ImpressCMS v1.4.3 - Authenticated SQL Injection Vulnerability

Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor: https://www.impresscms.org Source:...

ImpressCMS v1.4.3 - Authenticated SQL Injection

Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor:...

CVE-2021-32785 affecting package httpd for versions less than 2.4.52-1

CVE-2021-32785 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-32786 affecting package httpd for versions less than 2.4.52-1

CVE-2021-32786 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-34798 affecting package httpd for versions less than 2.4.52-1

CVE-2021-34798 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1

CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-44224 affecting package httpd for versions less than 2.4.52-1

CVE-2021-44224 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2019-17567 affecting package httpd for versions less than 2.4.52-1

CVE-2019-17567 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-22719 affecting package httpd 2.4.52-1

CVE-2022-22719 affecting package httpd 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-23943 affecting package httpd 2.4.52-1

CVE-2022-23943 affecting package httpd 2.4.52-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-22721 affecting package httpd 2.4.52-1

CVE-2022-22721 affecting package httpd 2.4.52-1. An upgraded version of the package is available that resolves this issue...

Oracle Linux 6 : httpd (ELSA-2022-9257)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9257 advisory. 2.2.15-69.0.3 - core: Simpler connection close logic CVE-2022-22720Orabug: 33991577 Tenable has extracted the preceding description block directly from the Orac...

ALPINE-CVE-2022-22721

If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier...

AZL-9015 CVE-2022-22719 affecting package httpd for versions less than 2.4.53-1

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

ALPINE-CVE-2022-22719

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...