Shodan
Vulnerabilities
Vulnerable Software
Soft3304:  >> 04webserver  Security Vulnerabilities
CVE-2006-4199
Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly sanitized before it is returned in an error page, a different vulnerability than CVE-2004-1512.
CVSS Score
6.8
EPSS Score
0.01
Published
2006-08-17
CVE-2006-4200
Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user authentication via unspecified vectors related to request processing.
CVSS Score
7.5
EPSS Score
0.005
Published
2006-08-17
CVE-2005-1416
Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-05-03
CVE-2004-1512
Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute arbitrary web script or HTML via script code in the URL, which is not quoted in the resulting default error page.
CVSS Score
4.3
EPSS Score
0.006
Published
2004-12-31
CVE-2004-1513
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-12-31
CVE-2004-1514
04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for an MS-DOS device name such as COM2.
CVSS Score
5.0
EPSS Score
0.011
Published
2004-12-31
CVE-2004-2661
Soft3304 04WebServer before 1.41 does not properly check file names, which allows remote attackers to obtain sensitive information (CGI source code).
CVSS Score
5.0
EPSS Score
0.003
Published
2004-12-31
CVE-2004-2662
Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service (resource consumption or crash) via certain data related to OpenSSL, which causes a thread to terminate but continue to hold resources.
CVSS Score
5.0
EPSS Score
0.006
Published
2004-12-31
CVE-2002-2216
Soft3304 04WebServer before 1.20 does not properly process URL strings, which allows remote attackers to obtain unspecified sensitive information.
CVSS Score
5.0
EPSS Score
0.003
Published
2002-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved