Monkey-project : Security Vulnerabilities, CVEs, Published In 2013
The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.
Max CVSS
5.0
EPSS Score
40.24%
Published
2013-08-01
Updated
2020-03-26
Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name.
Max CVSS
4.3
EPSS Score
0.09%
Published
2013-07-29
Updated
2020-03-26
2 vulnerabilities found