8 matches found
CVE-2017-10974
creationtimestamp| type| source ---|---|--- 2024-11-10 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-10 2024-12-14 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-14 2024-12-15 00:00:00+00:00| seen| The Shadowserver...
CVE-2017-10974
Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...
CVE-2017-10974
Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...
CVE-2017-10974
Yaws 1.91 is affected by an unauthenticated local file inclusion through HTTP directory traversal using an initial /%5C../ sequence to port 8080. The root cause is improper handling of a backslash-dot-dot variant that defeats traversal protections, enabling access to local files (including sensit...
CVE-2017-10974
Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on thi...
Yaws 1.91 - Remote File Disclosure Vulnerability
Exploit for multiple platform in category remote exploits + Credits: John Page aka hyp3rlinx Vendor: ========== yaws.hyber.org Product: =========== Yaws v1.91 Yet Another Web Server Yaws is a HTTP high perfomance 1.1 webserver particularly well suited for dynamic-content web applications. Two...
Yaws 1.91 Unauthenticated Remote File Disclosure
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========== Yaws v1.91 Yet Another Web Server...
Yaws 1.91 - Remote File Disclosure
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========== Yaws v1.91 Yet Another Web Server...