Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-5752

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS6AI score0.27783EPSS
Exploits0References5
Apache Httpd
Apache Httpd
added 2014/05/30 12:0 a.m.156 views

Apache Httpd < 2.2.29 : mod_status buffer overflow

A race condition was found in modstatus. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...

6.8CVSS6.2AI score0.85744EPSS
Exploits4Affected Software1
Apache Httpd
Apache Httpd
added 2014/05/30 12:0 a.m.87 views

Apache Httpd < 2.4.10 : mod_status buffer overflow

A race condition was found in modstatus. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessibl...

6.8CVSS6.2AI score0.85744EPSS
Exploits4Affected Software1
RedHat Linux
RedHat Linux
added 2010/08/04 9:30 p.m.4 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/06/30 3:29 p.m.6 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.4 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/07/13 7:38 a.m.1 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
OSV
OSV
added 2007/06/27 5:30 p.m.2 views

DEBIAN-CVE-2006-5752

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.8AI score0.27783EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/06/27 2:52 p.m.4 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/06/26 3:13 p.m.4 views

httpd mod_status XSS

Cross-site scripting XSS vulnerability in modstatus.c in the modstatus module in Apache HTTP Server httpd, when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving charsets with browser...

4.3CVSS7.3AI score0.27783EPSS
Exploits0References4
Rows per page
Query Builder