Aprelium Technologies Abyss Web Server — known CVE vulnerabilities
Every CVE whose affected-product data names Aprelium Technologies Abyss Web Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2003-1364 — CVSS 8.5 (high): Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of…
CVE-2003-1337 — CVSS 7.5 (high): Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP…
CVE-2002-1080 — CVSS 7.5 (high): The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server…
CVE-2002-0544 — CVSS 7.2 (high): Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which…
CVE-2003-1363 — CVSS 6.4 (medium): The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web…
CVE-2002-1081 — CVSS 5.0 (medium): The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP…
CVE-2002-1078 — CVSS 5.0 (medium): Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash)…
CVE-2002-1079 — CVSS 5.0 (medium): Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash)…
CVE-2002-0543 — CVSS 5.0 (medium): Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the…
CVE-2003-1338 — CVSS 4.3 (medium): CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and…