MidnightBSD

Advisories for verynginx_project

CVE-2018-19991 HIGH

VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-755,

Products Affected

Vendor Product Version
verynginx_project verynginx 0.3.3