Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Orange Software Subscribe
Filtered by product Orange Web Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0680 3 Goahead Software, Montavista Software, Orange Software 3 Goahead Webserver, Hard Hat Linux, Orange Web Server 2017-12-19 5.0 MEDIUM N/A
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
CVE-2001-0647 1 Orange Software 1 Orange Web Server 2008-09-05 5.0 MEDIUM N/A
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version.