Important: httpd

Issue Overview: Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Serv...

Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-014)

The version of tomcat installed on the remote host is prior to 8.5.40-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT8.5-2023-014 advisory. The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided da...

CVE-2005-1666

Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service server crash and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the 1 ftpxlatepath, 2 ftpiscanonical, or 3...

Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/13549/info Orenosv HTTP/FTP server is prone to a remote buffer overflow vulnerability that affects 'cgissi.exe'. This issue presents itself when the application handles excessive values supplied through an SSI command name. A successful attack can result ...

Вставка команд с помощью SSI в Hypermail (code execution)

Возможно переслать файл shtml из которого включить любой другой файл...