Vulnerabilities > Apache > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-05-29 | CVE-2002-0257 | Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | 7.5 |
2002-05-16 | CVE-2002-0185 | Unspecified vulnerability in Apache MOD Python mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module. | 7.5 |
2001-12-31 | CVE-2001-1563 | Remote Security vulnerability in Tomcat Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. | 7.5 |
2001-11-28 | CVE-2001-1449 | Remote Security vulnerability in Apache The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. | 7.5 |
1999-09-13 | CVE-1999-1053 | Remote Command Execution vulnerability in Guestbook CGI guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->". | 7.5 |
1997-09-01 | CVE-1999-0071 | Unspecified vulnerability in Apache Http Server 1.1.1 Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | 7.5 |
1996-12-10 | CVE-1999-0045 | List of arbitrary files on Web host via nph-test-cgi script. | 7.5 |