Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-1270 | 5.0 |
mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.
|
11-10-2018 - 20:31 | 10-03-2008 - 21:44 | |
CVE-2008-1111 | 5.0 |
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
|
11-10-2018 - 20:29 | 04-03-2008 - 23:44 |