510 matches found
GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure
source: https://www.securityfocus.com/bid/9239/info A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests. An attacker can append certain characters to the end of a...
GoAhead Web Server discloses source code of ASP files via crafted URL
Overview An input validation vulnerability in the GoAhead Web Server allows attackers to view sensitive information. This issue is also referenced in VU124059. Description The GoAhead Web Server inadequately filters user-supplied input. Specifically, the server does not properly filter malformed...
GoAhead Web Server 2.1 - Arbitrary Command Execution
GoAhead Web Server 2.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platfor...
GoAhead Web Server 2.1 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platforms including Microsoft Windows and Linux variant...
CVE-2002-0681
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script...
CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / %5C in a .. dot dot sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228...
CVE-2002-0680
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / %5C in a .. dot dot sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228...
CVE-2002-0681
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script...
CVE-2002-0681
CVE-2002-0681 : A cross-site scripting vulnerability affects GoAhead Web Server 2.1. An attacker can deliver a URL containing script that, when a 404 Not Found page is generated, is not quoted, allowing script execution in another user context. CVSS data indicates a high base score (7.5) with net...
CVE-2002-0680
CVE-2002-0680 describes a directory traversal vulnerability in GoAhead Web Server 2.1 where remote attackers can read arbitrary files by sending a URL containing an encoded backslash () within a .. sequence. This is evidenced by the NVD entry for CVE-2002-0680, which mirrors an older CVE-2001-022...
wp-02-0001: GoAhead Web Server Directory Traversal + Cross Site Scripting
Westpoint Security Advisory Title: GoAhead Web Server Directory Traversal + Cross Site Scripting Risk Rating: Medium Software: GoAhead Web Server v2.1 Platforms: Windows NT/98/95/CE Embedded Linux Linux QNX Novell Netware + others Vendor URL: www.goahead.com/webserver/webserver.htm Author: Matt...
GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting
GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/5198/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible for attackers to launch cross site scripting attacks against vulnerable systems. GoAhead WebServer...
GoAhead Web Server 2.1.x - Error Page Cross-Site Scripting
source: https://www.securityfocus.com/bid/5198/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible for attackers to launch cross site scripting attacks against vulnerable systems. GoAhead WebServer includes unsanitized requested URLs when displaying a 404...
GoAhead Web Server 2.1.x - URL Encoded Slash Directory Traversal
source: https://www.securityfocus.com/bid/5197/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible to launch directory traversal attacks against GoAhead WebServer. It is possible for remote attackers to access arbitrary files residing on a vulnerable host...
GoAhead Web Server 2.1.x - URL Encoded Slash Directory Traversal
GoAhead Web Server 2.1.x - URL Encoded Slash Directory Traversal source: https://www.securityfocus.com/bid/5197/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible to launch directory traversal attacks against GoAhead WebServer. It is possible for remote...
CVE-2002-1603
GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, , %2f encoded /, %20 encoded space, or %00 encoded null character, which returns the ASP source code unparsed...
CVE-2001-0647
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version...
CVE-2001-0385
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory...
CVE-2001-0385
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory...
CVE-2001-0385
GoAhead WebServer is affected by DoS vulnerabilities in multiple paths. CVE-2001-0385 covers GoAhead WebServer 2.1 where a crafted HTTP request to the /aux directory can crash the daemon. Red Hat CVE-2003-1569 extends this on Windows 95/98/ME, showing that GoAhead WebServer before 2.1.5 can be fo...