|Max CVSS||5.0||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module.
|06-06-2021 - 11:15||25-09-2002 - 04:00|
Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled.
|06-06-2021 - 11:15||11-10-2002 - 04:00|
Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the pathname in the resulting error message, or (2) via an error message that o
|06-06-2021 - 11:15||05-09-2002 - 04:00|
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
|06-06-2021 - 11:15||06-05-2002 - 04:00|
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
|06-06-2021 - 11:15||05-07-2005 - 04:00|