Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.
- Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
- CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
- bozotic HTTP server Denial of Service Vulnerability
- Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities