Yaws versions prior to 1.80 remote denial of service exploit.
68d710fcbbceef4f471515dbb043a4c889dbafbf17c994b7a22956e92bcd0e71
This Metasploit module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can only be used to retrieve files. However, code execution might be possible. Because when the malicious user sends a PUT request, a file is actually created, except no content is written.
100096ddc3f68245671d7c79a3e9817a588a3133d7f03303b89fad43146b34e0
Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.
a545a3172fc55a8fbfa7ccde9eb9fa21f07d84ee1822019489b84a0f3a5dc7d7
Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability.
75629368ff456f6677d01b2c26f455cf606a3403736db99f79919f9e33af3230
Yaws server version2.0 suffers from multiple cross site scripting vulnerabilities.
fd5d802ca8c3dfc31a2c004351203ef8b75b2b3d0f240ee953d7a693a8c282c1
Yaws Wiki version 1.88-1 suffers from a cross site scripting vulnerability.
1f374675ae48d1dc0f7ffc30211d4eb74f2db13dd83c8891eb148daf6def0fff
Yaws version 1.89 suffers from directory traversal vulnerabilities.
422ffd9928f2e9d3b034af951782e1779777b7f67b219e7d1e79832e022c92f0
Yaws webserver versions 1.55 and below suffer from a source code disclosure flaw when a null byte is appended to the filename being accessed.
ad42f94a077bca941b456f8f2abf8d40742de163faf4303e44afa003e94d874b
Yet Another Wingate Scanner (YAWS) Version 0.1.
1e321a08d3f5472a712fdfbdbbb470dd8f42a2f100e6e751422294ebac6dcf44