HIGH7.5CVE-2018-16789libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic.
from 0, < 2.21
HIGH7.4CVE-2015-8400The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebin…