This host is running HTTP File Server and is prone to multiple vulnerabilities.
Successful exploitation will allow an attacker to insert arbitrary HTML and script code and execute arbitrary PHP code. Impact Level: Application
Update to version 2.3 or later, For updates refer to http://www.rejetto.com/hfs
- An input passed to 'search' parameter is not properly sanitized before being returned to the user. - An error due to the '~upload ' script allowing the upload of files with arbitrary extensions to a folder inside the webroot can be exploited to execute arbitrary PHP code by uploading a malicious PHP script.
HttpFileServer version 2.2f and prior
- nginx HTTP Request Remote Buffer Overflow Vulnerability
- CoreHTTP 'src/http.c ' Buffer Overflow Vulnerability
- Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
- Xerver HTTP Server Web Administration Denial of Service Vulnerability
- httpdx 'USER' Command Remote Format String Vulnerability