3 matches found
CVE-2007-6421
CVE-2007-6421 is an XSS vulnerability in Apache HTTP Server 2.2.0–2.2.6 within the balancer-manager component of mod_proxy_balancer. An attacker could inject arbitrary script/HTML via the (1) ss, (2) wr, or (3) rr parameters, or via the URL. Affected product: Apache httpd 2.2.x (balancer-manager)...
CVE-2007-1742
Apache HTTP Server (httpd) 2.2.3’s suexec uses a partial path comparison to determine if the current directory is within the document root. This may allow local users to operate on incorrect directories under an html directory (e.g., html_backup/htmleditor). The issue is described across multiple...
CVE-2001-0131
CVE-2001-0131 is linked in Debian/OpenVAS advisories (e.g., DSA 021-1/188, OpenVAS entries) and references Apache components, but the connected documents do not provide detailed technical description of the root cause or explicit fixes beyond noting the vulnerability and CVSS scores. The Debian/O...