Vulnerabilities > Aprelium Technologies > Abyss WEB Server > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2002-10-04	CVE-2002-1081	Information Disclosure vulnerability in Abyss Web Server Malicious HTTP Request The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character. network low complexity aprelium-technologies	5.0
2002-10-04	CVE-2002-1080	Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0/1.0.3 The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. network low complexity aprelium-technologies	7.5
2002-07-03	CVE-2002-0544	Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0 Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges. local low complexity aprelium-technologies	7.2
2002-07-03	CVE-2002-0543	Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0 Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. network low complexity aprelium-technologies	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.