Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Xerver Security Vulnerabilities

cve
cve

CVE-2009-4657

The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.

6.7AI Score

0.005EPSS

2010-03-03 08:30 PM
26
cve
cve

CVE-2009-4658

Xerver 4.32 allows remote authenticated users to cause a denial of service (daemon crash) via a non-numeric web port assignment in the management interface. NOTE: this can be leveraged by non-authenticated attackers using CVE-2009-4657.

6.2AI Score

0.005EPSS

2010-03-03 08:30 PM
18