AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access.
6.9AI Score
0.011EPSS
Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include arbitrary files via the appserv_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. There is not enough detail from these ...
6.6AI Score
0.014EPSS
Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
5.7AI Score
0.004EPSS