漏洞类别：Web server漏洞等级： 漏洞信息 Netscape Enterprise Server is industrial-strength Web server software that enables organizations to publish content and deploy network-centric applications. By requesting a specially crafted command via a telnet port, a malicious user…

漏洞类别：Web server漏洞等级： 漏洞信息 Microsoft IIS is shipped with a number of HTR scripts, which are processed by ISAPI extensions. Due to the handling of requests by the ISAPI extensions, it's possible for a remote user to disclose various known files. A maliciously cr…

漏洞类别：Web server漏洞等级： 漏洞信息 Interscan VirusWall is a virus scanner distributed and maintained by Trend Micro. It is designed to scan for virus occurrences in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network. The method use…

漏洞类别：Web server漏洞等级： 漏洞信息 Allaire JRun Version 3.0 HTTP servlet server allows remote users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). 漏洞危害 By exploiting…

漏洞类别：Web server漏洞等级： 漏洞信息 Microsoft's IIS Version 4.0 and 5.0 ASP pages send the same Session ID cookie for secure and insecure Web sessions. A remote unauthorized user may be able to hijack the secure Web session of a legitimate user. This is possible if the …

漏洞类别：Web server漏洞等级： 漏洞信息 Acme THTTPd HTTP server includes a CGI program external to thttpd called "ssi". This program provides the functionality of the built-in server-side-includes feature in some HTTP daemons. The names of files to be filtered through the s…

漏洞类别：Web server漏洞等级： 漏洞信息 WEBactive, developed by ITAfrica, is an HTTP server daemon for small home offices or businesses. WEBactive is vulnerable to a denial of service attack. A malicious user can cause the denial of service by requesting a URL with 280+ cha…

漏洞类别：Web server漏洞等级： 漏洞信息 If a request containing the null character (%00) or the space character (%20) is made to the Roxen WebServer, the server will return directory contents, as well as the source of unparsed scripts and HTML pages. For example, a request …

漏洞类别：Web server漏洞等级： 漏洞信息 It seems that you are running an IBM Websphere Server. If your server is not an IBM Websphere Server, then you can safely ignore this vulnerability. IBM Websphere Server Versions 3.0.2, 3.0 and 2.0 are case-sensitive. If you change th…

漏洞类别：CGI漏洞等级： 漏洞信息 Sun Chili!Soft ASP (CASP) is a cross-platform Active Server Pages implementation for Linux and other platforms, including Lotus Domino, Apache, HP-UX, and AIX. The default installation of Chili!Soft ASP includes sample scripts which are vuln…

漏洞类别：Web server漏洞等级： 漏洞信息 Netscape FastTrak Server is a Web server designed for small workgroups. Netscape FastTrak Server is subject to a denial of service. The cache module within Netscape FastTrak Server contains nonexistent, yet legitimate, URLs. This cach…

漏洞类别：Web server漏洞等级： 漏洞信息 Chili!Soft ASP (CASP) is a cross-platform Active Server Pages implementation for Linux and other platforms, including Lotus Domino, Apache, HP-UX, and AIX. Chili!soft ASP provides a remote Web-based administration console which runs a…

漏洞类别：Web server漏洞等级： 漏洞信息 Netscape Enterprise Server is industrial-strength Web server software that enables organizations to publish content and deploy network-centric applications. It's possible for a remote user to crash Netscape Enterprise Server by compos…

漏洞类别：Web server漏洞等级： 漏洞信息 Resin is a servlet and JSP engine that supports java and javascript. If an HTTP request is appended with certain characters, ServletExec returns the source code of JSP files. This vulnerability is dependent on the platform that Resin …

漏洞类别：Web server漏洞等级： 漏洞信息 Caucho Resin is a servlet and JSP engine that supports java and javascript. Caucho Resin contains a directory traversal vulnerability, which could allow a remote user to gain read access to directories outside the root directory. Requ…

漏洞类别：Web server漏洞等级： 漏洞信息 OmniHTTPD is a compact Windows-based Web server by Omnicron Technologies. OmniHTTPD has various features, such as multiple domain support, keep-alive connections, virtual IP and non-IP server support, and standard CGI support. Due to …

漏洞类别：Web server漏洞等级： 漏洞信息 LocalWEB2000 is an HTTP server designed for a small to medium sized Intranet environment. If you have the Version 1.1.0 of this sever, then it's possible for users to gain read access to any known file residing on the server. By submi…

漏洞类别：Web server漏洞等级： 漏洞信息 Oracle GlassFish Server is an implementation of the Java Platform, Enterprise Edition (Java EE) 6 specification. Oracle GlassFish Server is exposed to a remote vulnerability in "Admin Console" sub component. Affected Versions: Oracle …

漏洞类别：Web server漏洞等级： 漏洞信息 WEBactive, developed by ITAfrica, is an HTTP server daemon for small home offices or businesses. WEBactive contains a directory traversal vulnerability, which could enable remote users to gain read access to directories outside the ro…

漏洞类别：Web server漏洞等级： 漏洞信息 John Roy Pi3Web is a standard Web server, which includes CGI and ISAPI support. Pi3Web uses multi-threading to handle system requests. Due to a buffer overflow vulnerability in John Roy Pi3Web Web server, it's possible for a malicious…

漏洞类别：Web server漏洞等级： 漏洞信息 Bajie HTTP server is a free Web server written in Java. Bajie contains a servlet called "uploadservlet" which enables users to upload files to a target directory and is installed by default. Unauthorized users may be able to use "uplo…

漏洞类别：Web server漏洞等级： 漏洞信息 Allaire JRun is a Web application development suite with JSP and Java Servlets. A servlet is a module that runs within a service, and is invoked through various requests. Although similar to CGI applications, servlets execute more qui…

漏洞类别：Web server漏洞等级： 漏洞信息 BEA Systems WebLogic Server is an Enterprise-level Web and wireless application server. If the letters in a JSP or a JHTML file extension are changed from lower case to upper case in a URL, such as .jsp to .JSP, then the server does n…

漏洞类别：Web server漏洞等级： 漏洞信息 Note: WinGate Versions 2.0 to 4.1 (beta A) are susceptible to this vulnerability. By default, the WinGate log service is configured to only allow connections from 127.0.0.1; however, the log service can also be set to allow connection…

漏洞类别：Web server漏洞等级： 漏洞信息 HSWeb is a Web server offered by Heat-On Software. HSWeb contains a path disclosure vulnerability, which makes it possible for unauthorized remote users to obtain the physical path to the Web root and browse the entire directory listi…