Gnome: >> Dwarf Http Server Security Vulnerabilities
Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.
CVSS Score
7.8
EPSS Score
0.011
Published
2006-03-13
Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified error messages.
CVSS Score
4.3
EPSS Score
0.006
Published
2006-03-13