Lucene search
K
Soft330404webserver

9 matches found

CVE
CVE
added 2005/05/03 4:0 a.m.58 views

CVE-2005-1416

The CVE-2005-1416 entry concerns 04WebServer 1.81 with a directory traversal vulnerability that lets remote attackers read files outside the web root but inside the installation folder. The issue is remote, of low attack complexity, and does not require authentication (per CVSS metrics: AV NETWOR...

5CVSS7AI score0.01642EPSS
CVE
CVE
added 2006/08/17 11:0 p.m.57 views

CVE-2002-2216

CVE-2002-2216 affects Soft3304 04WebServer prior to 1.20. The issue is a flaw in how URL strings are processed, enabling remote attackers to obtain unspecified sensitive information. The connected documents do not provide a concrete fix or remediation steps. No exploitation details are documented...

5CVSS6.9AI score0.01175EPSS
CVE
CVE
added 2006/08/17 11:0 p.m.57 views

CVE-2004-2661

Soft3304 04WebServer before 1.41 fails to properly validate requested file names, allowing remote attackers to obtain CGI source code. The issue is network-exploitable and leads to partial information disclosure (CGI source). No exploitation details or official fixes are provided in the supplied ...

5CVSS6.6AI score0.01175EPSS
CVE
CVE
added 2005/02/19 5:0 a.m.56 views

CVE-2004-1512

CVE-2004-1512 affects 04WebServer 1.42 via an XSS in Response_default.html. The vulnerability allows remote attackers to execute arbitrary script/HTML because URL script code is not quoted in the resulting default error page. Connected documents confirm this as the issue, but do not provide explo...

4.3CVSS6.1AI score0.01444EPSS
CVE
CVE
added 2006/08/17 11:0 p.m.55 views

CVE-2004-2662

The CVE-2004-2662 entry concerns Soft3304 04WebServer prior to 1.41. The vulnerability is a denial of service: sending certain data related to OpenSSL can cause a thread to terminate while resources remain allocated, potentially leading to resource exhaustion. Publicly available details are limit...

5CVSS7.1AI score0.01779EPSS
CVE
CVE
added 2005/02/19 5:0 a.m.53 views

CVE-2004-1513

The CVE-2004-1513 entry concerns 04WebServer 1.42, where log-writing data is not properly filtered, allowing remote attackers to inject carriage return characters and spoof log entries. The issue affects the logging component, enabling log tampering without affecting other content. The provided s...

5CVSS6.6AI score0.01656EPSS
CVE
CVE
added 2006/08/17 9:0 p.m.47 views

CVE-2006-4199

CVE-2006-4199 describes a cross-site scripting (XSS) vulnerability in Soft3304 04WebServer, affected versions 1.83 and earlier. The root cause is that user-supplied URL content is not properly sanitized before being echoed in an error page, allowing an attacker to inject arbitrary web script or H...

6.8CVSS5.6AI score0.01251EPSS
CVE
CVE
added 2005/02/19 5:0 a.m.46 views

CVE-2004-1514

04WebServer 1.42 is affected by a DoS vulnerability triggered by an HTTP request for an MS-DOS device name (e.g., COM2), causing the server to fail to restart properly. The CVE entry notes a partial availability impact. No additional exploit details or fixes are provided in the connected documents.

5CVSS6.7AI score0.01809EPSS
CVE
CVE
added 2006/08/17 9:0 p.m.44 views

CVE-2006-4200

This CVE (CVE-2006-4200) affects 04WebServer 1.83 and earlier. A vulnerability in request processing allows remote attackers to bypass user authentication, potentially enabling access to server files without credentials. The JVN entry confirms a directory traversal-style bypass of authentication ...

7.5CVSS7.3AI score0.01567EPSS