CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 3CVE-2012-4871 – Litespeed Web Server - 'gtitle' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-4871
06 Sep 2012 — Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en rvice/graph_html.php en el panel de administrador en LiteSpeed ??Web Server v4.1.11 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro gtitle • https://www.exploit-db.com/exploits/37947 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 76%CPEs: 15EXPL: 4CVE-2010-2333 – Litespeed Technologies - Web Server Remote Poison Null Byte
https://notcve.org/view.php?id=CVE-2010-2333
18 Jun 2010 — LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension. LiteSpeed Technologies LiteSpeed Web Server v4.0.x anteriores a 4.0.15 permite a atacantes remotos leer el código fuente de los scripts a través de una petición HTTP con un byte null seguido de una extensión .txt. • https://packetstorm.news/files/id/181088 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •