Vulnerabilities > Litespeedtech > Openlitespeed > 1.5.11

DATE CVE VULNERABILITY TITLE RISK
2023-08-14 CVE-2023-40518 Unspecified vulnerability in Litespeedtech Openlitespeed
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers.
network
low complexity
litespeedtech
7.5
7.5
2022-10-27 CVE-2022-0072 Path Traversal vulnerability in Litespeedtech Openlitespeed
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal.
network
low complexity
litespeedtech CWE-22
5.8
5.8
2020-01-06 CVE-2020-5519 Improper Input Validation vulnerability in Litespeedtech Openlitespeed
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
network
low complexity
litespeedtech CWE-20
critical
 9.8
9.8