CVSS: 9.1EPSS: 2%CPEs: 3EXPL: 1CVE-2000-1204
https://notcve.org/view.php?id=CVE-2000-1204
13 Oct 2000 — Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root. • http://www.apacheweek.com/issues/00-10-13 •
CVSS: 5.3EPSS: 39%CPEs: 6EXPL: 2CVE-2000-0505 – Apache 1.3.6/1.3.9/1.3.11/1.3.12/1.3.20 - Root Directory Access
https://notcve.org/view.php?id=CVE-2000-0505
31 May 2000 — The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters. • https://www.exploit-db.com/exploits/19975 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1125
https://notcve.org/view.php?id=CVE-1999-1125
19 Sep 1997 — Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. • http://marc.info/?l=bugtraq&m=87602880019796&w=2 •