Tinyserver
by Tinyserver
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2004-2116 | 0.04 | — | 0.14 | Dec 31, 2004 | Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | ||
| CVE-2004-2117 | 0.04 | — | 0.08 | Jan 24, 2004 | Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | ||
| CVE-2004-2119 | 0.03 | — | 0.01 | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||
| CVE-2004-2118 | 0.00 | — | 0.01 | Dec 31, 2004 | Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, possibly due to a buffer overflow. |
- CVE-2004-2116Dec 31, 2004risk 0.04cvss —epss 0.14
Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL.
- CVE-2004-2117Jan 24, 2004risk 0.04cvss —epss 0.08
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version.
- CVE-2004-2119Dec 31, 2004risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL.
- CVE-2004-2118Dec 31, 2004risk 0.00cvss —epss 0.01
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, possibly due to a buffer overflow.