← Back

Tinywebserver

tinywebserver

Vendor: Qinguoyi • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-3268
1Qinguoyi
1Tinywebserver
Apr 23, 2025
Apr 4, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical. This vulnerability affects unknown code of the file http/http_conn.cpp. The manipulation of the argument m_url_real leads to...Show more
A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical. This vulnerability affects unknown code of the file http/http_conn.cpp. The manipulation of the argument m_url_real leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3267
1Qinguoyi
1Tinywebserver
Apr 7, 2025
Apr 4, 2025
5.3 MEDIUM· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0. This affects an unknown part of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to sql...Show more
A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0. This affects an unknown part of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-3266
1Qinguoyi
1Tinywebserver
Apr 7, 2025
Apr 4, 2025
6.9 MEDIUM· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argumen...Show more
A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less