Yaws 1.5x Remote Source Code Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13981/info A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a...

Yaws 1.55 - Logs Terminal Escape Sequence Command Injection

Yaws 1.55 - Logs Terminal Escape Sequence Command Injection source: https://www.securityfocus.com/bid/37716/info Yaws is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary comman...