MiracleLinux 4 : httpd24-1.1-19.AXS4, httpd24-httpd-2.4.25-9.AXS4.1, httpd24-nghttp2-1.7.1-8.AXS4 (AXSA:2019-4423:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4423:01 advisory. httpd: modsessioncookie does not respect expiry time CVE-2018-17199 httpd: modauthdigest: access control bypass due to race condition CVE-2019-0217...

MiracleLinux 7 : httpd-2.4.6-99.1.0.9.el7.AXS7 (AXSA:2025-10586:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10586:06 advisory. CVE-2014-8109: modlua: fix LuaAuthzProvider argument handling issue CVE-2019-10092: modproxy: fix limited cross-site scripting in modproxy error pa...

CLSA-2025-1752126532 httpd: Fix of 2 CVEs

CVE-2014-8109: modlua: fix LuaAuthzProvider argument handling issue - CVE-2019-10092: modproxy: fix limited cross-site scripting in modproxy error page...

Exploit for Cross-site Scripting in Apache Http_Server

This is a PoC exploit for CVE-2019-10092, a Limited Cross-Site Scripting in modproxy Error Page-Apache httpd vulnerability. The target product/service is Apache HTTP Server, and the vulnerability class/vector is XSS. The probable entry points are the start.sh script, which invokes the Apache serv...

DEBIAN-CVE-2019-10092

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with...

ALPINE-CVE-2019-10092

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the modproxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with...