Sergey Lyubka : Security Vulnerabilities, CVEs,
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.
Max CVSS
5.0
EPSS Score
0.17%
Published
2009-12-31
Updated
2010-01-04
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
Max CVSS
4.0
EPSS Score
2.05%
Published
2009-04-21
Updated
2018-10-10
Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of service via a request that includes an MS-DOS device name, as demonstrated by the /aux URI.
Max CVSS
5.0
EPSS Score
3.43%
Published
2007-12-13
Updated
2017-09-29
Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20).
Max CVSS
5.0
EPSS Score
2.29%
Published
2007-06-26
Updated
2018-10-16
CVE-2006-5216
Public exploit
Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI.
Max CVSS
7.5
EPSS Score
94.70%
Published
2006-10-10
Updated
2017-10-19
5 vulnerabilities found