Vulnerabilities (CVE)

Filtered by vendor Orange Software Subscribe
Filtered by product Orange Web Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0680 3 Goahead Software, Montavista Software, Orange Software 3 Goahead Webserver, Hard Hat Linux, Orange Web Server 2024-11-20 5.0 MEDIUM N/A
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
CVE-2001-0647 1 Orange Software 1 Orange Web Server 2024-11-20 5.0 MEDIUM N/A
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version.