Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2001/01/29 12:0 a.m.28 views

Allaire JRun Crafted Request Forced Directory Listing

The version of Allaire JRun running on the remote host is affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this, by using a crafted URL request with '/./' prepended, to display a listing of a remote directory, even if a valid index file exists i...

5CVSS7.4AI score0.08179EPSS
Exploits0References1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.25 views

CVE-2000-1050

Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request aka the "extra leading slash"...

7.4AI score0.08179EPSS
Exploits0References4
CVE
CVE
added 2001/01/22 5:0 a.m.56 views

CVE-2000-1050

The CVE-2000-1050 entry concerns Allaire JRun 3.0/3.1-era HTTP servlet servers where an information-disclosure vulnerability allows remote attackers to access WEB-INF (and related) directories. The root cause is an information-disclosure path handling flaw triggered by a URL request that contains...

5CVSS7.4AI score0.08179EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2000/12/11 5:0 a.m.18 views

CVE-2000-1050

Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request aka the "extra leading slash"...

5CVSS6.4AI score0.08179EPSS
Exploits0References4
Rows per page
Query Builder