04webserver@1.42 Security Vulnerabilities and Issues — 04webserver@1.42 CVE List

Lucene search

Soft330404webserver1.42

5 matches found

CVE•added 2005/02/19 5:0 a.m.•42 views

CVE-2004-1512

Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page.

4.3CVSS6.1AI score0.00622EPSS

CVE•added 2005/02/19 5:0 a.m.•40 views

CVE-2004-1513

04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.

5CVSS6.6AI score0.00675EPSS

CVE•added 2005/02/19 5:0 a.m.•35 views

CVE-2004-1514

04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for an MS-DOS device name such as COM2.

5CVSS6.7AI score0.01122EPSS

CVE•added 2006/08/17 9:4 p.m.•35 views

CVE-2006-4199

Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page, a different vulnerability than CVE-2004-1512.

6.8CVSS5.6AI score0.00971EPSS

CVE•added 2006/08/17 9:4 p.m.•35 views

CVE-2006-4200

Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user authentication via unspecified vectors related to request processing.

7.5CVSS7.3AI score0.00521EPSS