Abyss Web Server@1.0 Security Vulnerabilities and Issues — Abyss Web Server@1.0 CVE List

Lucene search

Aprelium TechnologiesAbyss Web Server1.0

4 matches found

CVE•added 2002/07/03 4:0 a.m.•46 views

CVE-2002-0544

Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.

7.2CVSS7.2AI score0.00128EPSS

CVE•added 2002/10/04 4:0 a.m.•39 views

CVE-2002-1080

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.

7.5CVSS7.4AI score0.01048EPSS

CVE•added 2003/04/02 5:0 a.m.•39 views

CVE-2002-1081

The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character.

5CVSS7AI score0.00612EPSS

CVE•added 2003/04/02 5:0 a.m.•34 views

CVE-2002-0543

Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.

5CVSS7AI score0.10261EPSS