Orange Software : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
Max CVSS
5.0
EPSS Score
1.95%
Published
2002-07-23
Updated
2017-12-20
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version.
Max CVSS
5.0
EPSS Score
0.99%
Published
2001-08-06
Updated
2008-09-05
2 vulnerabilities found