5335 matches found
BIT-APACHE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-37871
SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...
PT-2024-5185 · Apache +6 · Apache Http Server +6
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.61 Description: The issue is related to the core of Apache HTTP Server, where a partial fix ignores some use of the legacy content-type based configuration of handlers. This can result in source code disclosure...
USN-6885-1: Apache HTTP Server vulnerabilities
Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2024-36387 Orange Tsai discovered that the Apache...
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to...
Apache 2.4.60 Source Code Disclosure
According to its banner, the version of Apache running on the remote host is 2.4.60. It is, therefore, affected by a source code disclosure with handlers configured via AddType. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...
FreeBSD : Apache httpd -- source code disclosure (5d921a8c-3a43-11ef-b611-84a93843eb75)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5d921a8c-3a43-11ef-b611-84a93843eb75 advisory. The Apache httpd project reports: isource code disclosure with handlers configured via AddType...
CVE-2024-39884
A flaw was found in httpd. The fix for CVE-2024-38476 ignores some uses of the legacy content-type based configuration of handlers. "AddType" and similar configurations, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
AZL-43170 CVE-2024-39884 affecting package httpd for versions less than 2.4.61-1
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884
CVE-2024-39884 affects Apache HTTP Server (notably 2.4.60 and older) where legacy content-type based configuration (e.g., AddType) could cause source code disclosure for indirectly requested files, potentially exposing local content (e.g., PHP scripts being served). Affected vendors consistently ...
CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
Apache httpd -- source code disclosure
The Apache httpd project reports: isource code disclosure with handlers configured via AddType CVE-2024-39884 Important. A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under so...
UBUNTU-CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...
Apache HTTP Server 2.4.60 Information Disclosure Vulnerability - Linux
Apache HTTP Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...