Copy Results
Download Results
Select Table
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2008-5160 |
|
1
|
DoS |
2008-11-18 |
2009-01-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error." |
|
2 |
CVE-2007-3365 |
|
|
+Info |
2007-06-22 |
2012-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI. |
|
3 |
CVE-2007-3364 |
|
|
XSS |
2007-06-22 |
2012-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 allows remote attackers to inject arbitrary web script or HTML via the body content. |
|
4 |
CVE-2007-2414 |
|
|
DoS |
2007-05-01 |
2008-11-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors. |
|
5 |
CVE-2007-1588 |
|
|
|
2007-03-21 |
2008-11-15 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges. |
|
6 |
CVE-2005-1659 |
|
|
XSS |
2005-05-18 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. |
|
7 |
CVE-2005-1658 |
|
|
Dir. Trav. |
2005-05-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). |
|
8 |
CVE-2004-2517 |
|
|
DoS |
2004-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
myServer 0.7.1 allows remote attackers to cause a denial of service (crash) via a long HTTP POST request in a View=Logon operation to index.html. |
|
9 |
CVE-2004-2516 |
|
|
Dir. Trav. |
2004-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences. |
|
10 |
CVE-2002-2240 |
22 |
|
Dir. Trav. |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. |
Total number of vulnerabilities :
10
Page :
1
(This Page)
