Search for vulnerabilities
| Vulnerability ID | VCID-1r9x-9cx9-3far |
| Aliases |
CVE-2008-2939
|
| Summary | A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 2.1 |
| Risk | 1.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.40747 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.40747 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| epss | 0.68325 | https://api.first.org/data/v1/epss?cve=CVE-2008-2939 |
| apache_httpd | low | https://httpd.apache.org/security/json/CVE-2008-2939.json |
| Percentile | 0.97274 |
| EPSS Score | 0.40747 |
| Published At | Aug. 3, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:28:48.954174+00:00 | Apache HTTPD Importer | Import | https://httpd.apache.org/security/json/CVE-2008-2939.json | 37.0.0 |