Lucene search
K
Pi3Pi3web

6 matches found

CVE
CVE
added 2001/04/04 4:0 a.m.55 views

CVE-2001-0303

Pi3Web 1.0.1 isapi: tstisapi.dll leakage allows remote attackers to determine the server’s physical path by requesting a non-existent file, an information disclosure vulnerability. The Nessus plugin additionally notes that the /isapi/tstisapi.dll CGI has a well-known flaw that can allow arbitrary...

5CVSS6.3AI score0.01464EPSS
CVE
CVE
added 2001/04/04 4:0 a.m.46 views

CVE-2001-0302

Pi3Web 1.0.1 is vulnerable via the ISAPI extension tstisapi.dll. A buffer overflow triggered by a long URL allows remote attackers to cause denial of service and potentially execute arbitrary commands; the CGI runs with the HTTP service privileges and can disclose the web-root path. Remediation m...

5CVSS7.8AI score0.06991EPSS
CVE
CVE
added 2002/03/15 5:0 a.m.45 views

CVE-2002-0142

Pi3Web CGI handler in Windows 2.0 beta 1/2 is vulnerable to a denial of service through very long CGI parameters; vendors indicate FIX in Pi3Web

7.5CVSS6.4AI score0.0308EPSS
CVE
CVE
added 2003/05/14 4:0 a.m.44 views

CVE-2003-0276

Pi3Web 2.0.1 is affected by CVE-2003-0276 due to a buffer overflow triggered by a GET request containing a large number of forward slashes, allowing remote DoS and potentially arbitrary code execution. The Nessus plugin corroborates an HTTP GET overflow and suggests upgrading to Pi3Web 2.0.2 beta...

5CVSS8AI score0.11403EPSS
CVE
CVE
added 2004/01/26 5:0 a.m.43 views

CVE-2003-1032

CVE-2003-1032 affects Pi3Web web server 2.0.2 Beta 1: when Directory Index is set to the Name column and sorted by the column title as a hyperlink, a malformed URL can cause a remote denial of service (crash), possibly involving a buffer overflow. No further exploit details or fixes are provided ...

5CVSS7.4AI score0.03559EPSS
CVE
CVE
added 2002/06/11 4:0 a.m.39 views

CVE-2002-0433

The CVE-2002-0433 entry concerns Pi3Web 2.0.0 where remote attackers can view restricted files by issuing an HTTP request containing a wildcard character ("*"). This is an unauthorized disclosure vulnerability via crafted requests, as described in NVD and CVE records. Connected documents confirm ...

5CVSS7.1AI score0.02302EPSS