Vulnerabilities (CVE)

Filtered by vendor An Subscribe
Filtered by product An-http
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1271 1 An 1 An-http 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script.
CVE-2003-1270 1 An 1 An-http 2024-11-20 5.0 MEDIUM N/A
AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability.
CVE-2003-1269 1 An 1 An-http 2024-11-20 5.0 MEDIUM N/A
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.