CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16144
https://notcve.org/view.php?id=CVE-2017-16144
07 Jun 2018 — myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. "myserver.alexcthomas18" es un servidor de archivos. "myserver.alexcthomas18" es vulnerable a un problema de salto de directorio que otorga a un atacante acceso al sistema de archivos colocando "../" en la URL. • https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/myserver.alexcthomas18 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2008-5160 – MyServer 0.8.11 - '204 No Content' error Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-5160
18 Nov 2008 — Unspecified vulnerability in MyServer 0.8.11 allows remote attackers to cause a denial of service (daemon crash) via multiple invalid requests with the HTTP GET, DELETE, OPTIONS, and possibly other methods, related to a "204 No Content error." Vulnerabilidad sin especificar en MyServer v0.8.11, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) a través de múltiples peticiones HTTP GET, DELETE, OPTIONS, inválidas y posiblemente con otros métodos, relacionados con un "204 No C... • https://www.exploit-db.com/exploits/5184 •
CVSS: 6.1EPSS: 7%CPEs: 1EXPL: 1CVE-2007-3364 – MyServer 0.9.8 - Post.MSCGI Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-3364
22 Jun 2007 — Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 allows remote attackers to inject arbitrary web script or HTML via the body content. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de muestra cgi-bin/post.mscgi de MyServer 0.8.9 permite a atacantes remotos inyectar scripts web o HTML de su elección mediante el contenido del cuerpo (body). • https://www.exploit-db.com/exploits/30222 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2007-2414
https://notcve.org/view.php?id=CVE-2007-2414
01 May 2007 — MyServer before 0.8.8 allows remote attackers to cause a denial of service via unspecified vectors. MyServer anterior a 0.8.8 permite a atacantes remotos provocar una denegación de servicio a través de vectores no identificados. • http://osvdb.org/35469 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1588
https://notcve.org/view.php?id=CVE-2007-1588
21 Mar 2007 — server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges. server.cpp en el MyServer 0.8.5 llama al Process::setuid antes de llamar al rocess::setgid con lo que no se eliminan los privilegios adecuadamente. Esto permite a atacantes remotos ejecutar programas CGI con privilegios imprevistos. • http://osvdb.org/34521 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1658
https://notcve.org/view.php?id=CVE-2005-1658
18 May 2005 — Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). • http://cvs.sourceforge.net/viewcvs.py/myserverweb/myserverweb/source/filemanager.cpp?rev=1.116&view=log •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1659
https://notcve.org/view.php?id=CVE-2005-1659
18 May 2005 — Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. • http://cvs.sourceforge.net/viewcvs.py/myserverweb/myserverweb/source/filemanager.cpp?rev=1.116&view=log •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 4CVE-2004-2516 – myserver 0.7 - Directory Traversal
https://notcve.org/view.php?id=CVE-2004-2516
31 Dec 2004 — Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences. • https://www.exploit-db.com/exploits/24600 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2CVE-2004-2517 – MyServer 0.7.1 - 'POST' Denial of Service
https://notcve.org/view.php?id=CVE-2004-2517
31 Dec 2004 — myServer 0.7.1 allows remote attackers to cause a denial of service (crash) via a long HTTP POST request in a View=Logon operation to index.html. • https://www.exploit-db.com/exploits/551 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2002-2240
https://notcve.org/view.php?id=CVE-2002-2240
31 Dec 2002 — Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0092.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •