| 2126 | thttpd CGI Test Script XSS | low |
| 2125 | thttpd/mini_httpd < 2.24 Virtual Hosting File Disclosure | high |
| 2124 | thttpd/mini_httpd Virtual Hosting File Disclosure | high |
| 2123 | thttpd < 2.21 Error Page XSS | low |
| 2122 | THTTPD/Mini_HTTPD < 1.16 File Disclosure | medium |
| 2121 | THTTPD/Mini_HTTPD < 2.22 File Disclosure | medium |
| 2120 | thttpd < 2.20 Arbitrary World-Readable File Disclosure | medium |
| 2003 | Potential SQL Injection Vulnerability Detection | high |
| 2002 | Potential Microsoft SQL Injection Vulnerability Detection | high |
| 2001 | Potential MySQL Injection Vulnerability Detection | high |
| 1566 | Vignette StoryServer Information Disclosure | medium |
| 1561 | Monkey HTTP Daemon < 0.6.2 PostMethod Function Remote Overflow | high |
| 1560 | Xeneo Web Server < 2.1.5 GET Request Denial of Service | medium |
| 1556 | mod_NTLM Overflow / Format String | high |
| 1554 | BadBlue < 2.2 Unspecified Admin Access (deprecated) | high |
| 1552 | CommuniGate Pro < 4.0 .1b2 Referer Field Hijacking | medium |
| 1550 | thttpd < 2.24 Host:' Header Traversal File Access / libhttpd.c defang Overflow | high |
| 1547 | Sambar Cleartext Password Remote Disclosure | low |
| 1546 | XMB < 1.8 SP1 member.php SQL Injection | medium |
| 1545 | YaBB SE < 1.5.2 Remote File Inclusion and SQL Injection | medium |
| 1544 | JetDB Direct Request Database Download | info |
| 1541 | NetCharts Server Default Password (deprecated) | high |
| 1538 | BEA WebLogic < 5.1 SP 11 JSP Source Disclosure | medium |
| 1536 | BEA WebLogic Server GET Request Name Disclosure | medium |
| 1535 | Apache < 2.0.46 on OS/2 filestat.c Device Name Request DoS | medium |
| 1531 | eServ HTTP Connection Saturation Memory Leak Remote DoS | high |
| 1529 | mod_ssl < 2.8.10 Wildcard DNS Server Name XSS | low |
| 1527 | SHOUTcast Server Log Files XSS (deprecated) | medium |
| 1526 | BEA WebLogic < 6.1 SP2 Encoded Null Byte Request JSP Source Disclosure | medium |
| 1525 | BEA WebLogic < 5.1.0 SP8 Hex-encoded Request JSP Source Disclosure | medium |
| 1524 | Squid < 2.4.STABLE2 mkdir-only PUT Request DoS | medium |
| 1523 | Squid < 2.4.STABLE4 Buffer Overflow | high |
| 1522 | thttpd < 2.05 If-Modified-Since Header Overflow | critical |
| 1521 | AnalogX SimpleServer:WWW < 1.2 Remote DoS | high |
| 1520 | Shoutcast Multiple GET Request Remote DoS | medium |
| 1519 | Pi3Web WebServer < 2.0.1 CGI Handler Overflow | medium |
| 1518 | Savant < 3.0 GET Request CGI Source Disclosure | medium |
| 1517 | Resin < 2.1s020604 MS-DOS Device Path Disclosure | medium |
| 1516 | Oracle WebCache Server < 2.0.0.3.x Multiple Vulnerabilities | medium |
| 1515 | OpenSSL Private Key Disclosure | low |
| 1514 | Monkey HTTP Daemon < 0.6.2 POST Request Remote Overflow | high |
| 1513 | Apache mod_ssl Session Cache Code Overflow | high |
| 1512 | Apache mod_ssl < 2.8.10 Off-by-one Overflow | medium |
| 1511 | Apache mod_python < 2.7.8 Imported Function Access | high |
| 1510 | Apache mod_jk < 1.2.1 Chunked Encoding DoS | high |
| 1509 | Apache mod_frontpage < 1.6.1 Remote Overflow | high |
| 1508 | LocalWeb2000 2.10 Crafted Request File Disclosure | high |
| 1507 | IMail < 7.0.6 Account Hijacking | medium |
| 1506 | dwhttpd < 4.2 GET Request Remote Format String (deprecated) | high |
| 1505 | Domino < 5.0.7 NSF File Request Directory Traversal File Access | medium |
