CVSS: 9.8EPSS: 90%CPEs: 2EXPL: 1CVE-2002-0061 – Apache Win32 1.3.x/2.0.x - Batch File Remote Command Execution
https://notcve.org/view.php?id=CVE-2002-0061
21 Mar 2002 — Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe. El servidor Apache, en sus verisones para Win32 1.3.24 y anteriores, y 2.0.x hasta la 2.0.34-beta, permite que atacantes remotos ejecuten cualquier comando a través del metacaracter "|" de la shell. Estos comandos vienen com... • https://www.exploit-db.com/exploits/21350 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 10%CPEs: 10EXPL: 0CVE-2000-0913
https://notcve.org/view.php?id=CVE-2000-0913
19 Dec 2000 — mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. • http://archives.neohapsis.com/archives/bugtraq/2000-09/0352.html •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-1999-1293
https://notcve.org/view.php?id=CVE-1999-1293
31 Dec 1999 — mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. • http://marc.info/?l=bugtraq&m=88413292830649&w=2 •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-1999-1199
https://notcve.org/view.php?id=CVE-1999-1199
07 Aug 1998 — Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability. • http://marc.info/?l=bugtraq&m=90252779826784&w=2 •
CVSS: 7.5EPSS: 16%CPEs: 9EXPL: 1CVE-1999-0107 – Apache 1.2 - Denial of Service
https://notcve.org/view.php?id=CVE-1999-0107
30 Dec 1997 — Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. • https://www.exploit-db.com/exploits/20558 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1125
https://notcve.org/view.php?id=CVE-1999-1125
19 Sep 1997 — Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. • http://marc.info/?l=bugtraq&m=87602880019796&w=2 •
CVSS: 9.1EPSS: 69%CPEs: 1EXPL: 1CVE-1999-0070 – Apache 0.8.x/1.0.x / NCSA HTTPd 1.x - 'test-cgi' Directory Listing
https://notcve.org/view.php?id=CVE-1999-0070
01 Apr 1996 — test-cgi program allows an attacker to list files on the server. • https://www.exploit-db.com/exploits/20435 •