Acme 'thttpd' and 'mini_httpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. This issue affects thttpd 2.25b and mini_httpd 1.19 other versions may also be affected.
- IBM WebSphere Application Server Multiple CSRF Vulnerabilities
- Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
- Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)