Litespeed Web Server Security Vulnerabilities and Issues — Litespeed Web Server CVE List

Lucene search

Litespeed TechnologiesLitespeed Web Server

5 matches found

CVE•added 2022/10/27 8:15 p.m.•190 views

CVE-2022-0073

Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1.

8.8CVSS8.8AI score0.00539EPSS

CVE•added 2022/10/27 8:15 p.m.•161 views

CVE-2022-0074

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.

8.8CVSS8.8AI score0.00108EPSS

CVE•added 2022/10/27 8:15 p.m.•55 views

CVE-2022-0072

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1

5.8CVSS6.1AI score0.00224EPSS

CVE•added 2007/10/23 9:47 p.m.•44 views

CVE-2007-5654

LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."

5CVSS7.1AI score0.68826EPSS

CVE•added 2005/11/20 10:3 p.m.•34 views

CVE-2005-3695

Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.

4.3CVSS6AI score0.00622EPSS