Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2020-29596
Disclosure Date: December 21, 2020 (last updated February 22, 2025)
MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.
0
Attacker Value
Unknown
CVE-2008-0338
Disclosure Date: January 17, 2008 (last updated October 04, 2023)
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.
0
Attacker Value
Unknown
CVE-2008-0337
Disclosure Date: January 17, 2008 (last updated October 04, 2023)
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
0
Attacker Value
Unknown
CVE-2007-3159
Disclosure Date: June 11, 2007 (last updated October 04, 2023)
http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header.
0