Linux Distros Unpatched Vulnerability : CVE-2025-59775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM...

CVE-2025-59775

Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes...

CVE-2002-2029

PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string...

PHP 8.3.x < 8.3.12 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.12 advisory. - In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, when using a certain non- standard configurations ...

BEA Weblogic JSESSIONID Cookie Value Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'BEA Weblogic...

Windows Apache directory traversal

It's possible to leave web rot folder by using backslash...