30 matches found
EUVD-2009-3542
Malware in sbrugna...
EUVD-2009-3526
Malware in sbrugna...
EUVD-2009-3543
Malware in sbrugna...
EUVD-2009-4057
Malware in sbrugna...
Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability
No description provided by source. Xerver HTTP Server v4.32 XSS / Directory Traversal Vulnerability By Stack Directory Traversal Exploit : http://127.0.0.1:32123/action=chooseDirectory¤tPath=d:%5C http://127.0.0.1:32123/action=chooseDirectory¤tPath=c:\ XSS Exploit :...
Xerver HTTP Server Web Administration Denial of Service Vulnerability
This host is running Xerver HTTP Server and is prone to the Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbxerverhttpserverwebadmindosvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Xerver HTTP Server Web Administration Denial of Service Vulnerability Authors: Veerendra GG...
CVE-2009-4086
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
Crlf injection
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
CVE-2009-4086
CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...
CVE-2009-4086
CVE-2009-4086 relates to a CRLF injection vulnerability in the Xerver HTTP Server, specifically versions 4.31 and 4.32 . The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting by sending certain byte sequences at the end of a URL. Public references ...
Xerver HTTP Server Cross Site Scripting Vulnerability
This host is running Xerver HTTP Server and is prone to Cross Site Scripting vulnerability OpenVAS Vulnerability Test $Id: gbxerverhttpserverxssvuln.nasl 4970 2017-01-09 15:00:59Z teissa $ Xerver HTTP Server Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009...
Directory traversal
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action...
CVE-2009-3544
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
Design/Logic Flaw
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
Cross site scripting
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
CVE-2009-3562
Cross-site scripting XSS vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action...
CVE-2009-3561
Directory traversal vulnerability in Xerver HTTP Server 4.32 allows remote attackers to read arbitrary files via a full pathname with a drive letter in the currentPath parameter in a chooseDirectory action...
CVE-2009-3544
CVE-2009-3544 affects Xerver HTTP Server 4.32. A remote attacker can disclose the source of a web page by sending a crafted HTTP request with ::$DATA appended after the filename, leading to information disclosure. Multiple sources (NVD/OpenVAS/Seebug) confirm the vulnerability and its impact as s...
CVE-2009-3544
Xerver HTTP Server 4.32 allows remote attackers to obtain the source code for a web page via an HTTP request with the addition of ::$DATA after the HTML file name...
CVE-2009-3562
CVE-2009-3562 affects Xerver HTTP Server 4.32. The XSS vulnerability is triggered in the management interface when action=chooseDirectory and the currentPath parameter is not properly validated, allowing remote attackers to inject arbitrary scripts/HTML. Affected product: Xerver HTTP Server (core...