Aprelium Technologies: >> Abyss Web Server >> 1.0.3 Security Vulnerabilities
Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters.
CVSS Score
5.0
EPSS Score
0.008
Published
2002-10-04
The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.
CVSS Score
7.5
EPSS Score
0.01
Published
2002-10-04
The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-10-04