GNU Serveez Information Disclosure Vulnerability

GNU Serveez is a server framework. An information disclosure vulnerability exists in the httpcgiwrite function in http-cgi.c in GNU Serveez 0.2.2 and earlier. An attacker can exploit this vulnerability to obtain information by sending an HTTP POST request to the /cgi-bin/reader URI...

CVE-2017-9097

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a...