31 matches found
EUVD-2009-3526
Malware in sbrugna...
EUVD-2009-4057
Malware in sbrugna...
EUVD-2009-3543
Malware in sbrugna...
EUVD-2009-3542
Malware in sbrugna...
Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability
No description provided by source. Xerver HTTP Server v4.32 XSS / Directory Traversal Vulnerability By Stack Directory Traversal Exploit : http://127.0.0.1:32123/action=chooseDirectory¤tPath=d:%5C http://127.0.0.1:32123/action=chooseDirectory¤tPath=c:\ XSS Exploit :...
Xerver HTTP CRLF Injection Response Splitting (CVE-2009-4086)
This is a CRLF injection vulnerability in Xerver HTTP Server. Remote attackers could use this vulnerability to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL...
Xerver HTTP Server Web Administration Denial of Service Vulnerability
This host is running Xerver HTTP Server and is prone to the Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbxerverhttpserverwebadmindosvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Xerver HTTP Server Web Administration Denial of Service Vulnerability Authors: Veerendra GG...
CVE-2009-4086
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
Crlf injection
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
CVE-2009-4086
CVE-2009-4086 relates to a CRLF injection vulnerability in the Xerver HTTP Server, specifically versions 4.31 and 4.32 . The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting by sending certain byte sequences at the end of a URL. Public references ...
CVE-2009-4086
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
Xerver HTTP Server Cross Site Scripting Vulnerability
This host is running Xerver HTTP Server and is prone to Cross Site Scripting vulnerability OpenVAS Vulnerability Test $Id: gbxerverhttpserverxssvuln.nasl 4970 2017-01-09 15:00:59Z teissa $ Xerver HTTP Server Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009...
CVE-2009-3544
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
Cross site scripting
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
CVE-2009-3561
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action...
Directory traversal
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action...
Design/Logic Flaw
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
CVE-2009-3562
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
CVE-2009-3544
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
CVE-2009-3544
CVE-2009-3544 affects Xerver HTTP Server 4.32. A remote attacker can disclose the source of a web page by sending a crafted HTTP request with ::$DATA appended after the filename, leading to information disclosure. Multiple sources (NVD/OpenVAS/Seebug) confirm the vulnerability and its impact as s...