Weborf Project ≫ Weborf

cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks '\0' termination of the path for CGI scripts because strncpy is misused.

Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.