VYPR
Vendor

Xitami

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2001-1481CriDec 31, 2001
    risk 0.64cvss 9.8epss 0.03

    Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.

  • CVE-2008-6519Mar 25, 2009
    risk 0.03cvss epss 0.06

    Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Process (LRWP) request,…

  • CVE-2008-6520Mar 25, 2009
    risk 0.00cvss epss 0.05

    Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a URI that ends in (1) .ssi,…

  • CVE-2000-1225Dec 31, 2000
    risk 0.00cvss epss 0.01

    Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.