Omnicron: Security Vulnerabilities
Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header.
CVSS Score
7.5
EPSS Score
0.056
Published
2004-12-31
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
CVSS Score
4.3
EPSS Score
0.004
Published
2003-06-09
Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.
CVSS Score
5.0
EPSS Score
0.008
Published
2002-10-04
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts.
CVSS Score
5.0
EPSS Score
0.009
Published
2001-10-18
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).
CVSS Score
5.0
EPSS Score
0.031
Published
2001-10-18
Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a remote attacker to create a denial of service via a long POST URL request.
CVSS Score
5.0
EPSS Score
0.009
Published
2001-08-22
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script.
CVSS Score
10.0
EPSS Score
0.076
Published
2001-03-12
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter.
CVSS Score
5.0
EPSS Score
0.027
Published
2001-03-12
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
CVSS Score
10.0
EPSS Score
0.046
Published
1999-10-22
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created.
CVSS Score
5.0
EPSS Score
0.042
Published
1999-06-05
Page 1