Bypassing Web Application Firewall in VeryNginx 0.3.3 due to Missing Error Handler
CVE-2018-19991 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.
Learn more about our Web App Pen Testing.