Goahead Software Goahead Webserver vulnerabilities
7 known vulnerabilities affecting goahead_software/goahead_webserver.
Total CVEs
7
CISA KEV
0
Public exploits
6
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2002-1951P3HIGHCVSS 7.5PoCv2.12002-12-31
CVE-2002-1951 [HIGH] CVE-2002-1951: Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a lon
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories.
nvd
CVE-2002-0681P4HIGHCVSS 7.5PoCv2.1.1v2.1.2+3 more2002-07-23
CVE-2002-0681 [HIGH] CVE-2002-0681: Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute scri
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.
nvd
CVE-2002-1603P4MEDIUMCVSS 5.0PoCv2.0v2.1+7 more2002-02-13
CVE-2002-1603 [MEDIUM] CVE-2002-1603: GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files
GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files via a URL terminated with a /, \, %2f (encoded /), %20 (encoded space), or %00 (encoded null) character, which returns the ASP source code unparsed.
nvd
CVE-2002-0680P4MEDIUMCVSS 5.0PoCv2.1.1v2.1.2+3 more2002-07-23
CVE-2002-0680 [MEDIUM] CVE-2002-0680: Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrar
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
nvd
CVE-2001-0228P4MEDIUMCVSS 5.0PoCvv.2.0vv.2.12001-05-03
CVE-2001-0228 [MEDIUM] CVE-2001-0228: Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to r
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.
nvd
CVE-2001-0385P4MEDIUMCVSS 5.0PoCv2.12001-07-02
CVE-2001-0385 [MEDIUM] CVE-2001-0385: GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to th
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
nvd
CVE-2003-1568P4MEDIUMCVSS 5.0≤ 2.1.5v2.1.3+1 more2009-02-06
CVE-2003-1568 [MEDIUM] CWE-20 CVE-2003-1568: GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer de
GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function.
nvd