Produkt Mod perl (...) - CVEMAP.ORG

Podatności dla 'Mod perl'

2018-08-26

CVE-2011-2767

CWE-94

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

2009-04-07

CVE-2009-0796

CWE-79

Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.

2007-03-29

CVE-2007-1349

CWE-399

PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

>>> Vendor: Apache 247 Produkty

Mod auth radius

Coyote http connector

Open for business project

Apache http server

Tomcat jk web server connector

Myfaces tomahawk

Apache webserver

Portable runtime

Apache commons daemon

Http server2.0a1

Http server2.0a2

Http server2.0a3

Http server2.0a4

Http server2.0a5

Http server2.0a6

Http server2.0a7

Http server2.0a8

Http server2.0a9

Commons-compress

Org.apache.sling.servlets.post

Commons-httpclient

Commons fileupload

Struts2-showcase

Xml security for c++

Xml security for java

Sling auth core component

Httpasyncclient

Mod auth mellon

Santuario xml security for java

Zobacz wszystkie produkty dla producenta Apache

Copyright 2024, cxsecurity.com