3 matches found
Blazix Trailing Character JSP Source Disclosure
The remote host is running the Blazix web server, a web server written in Java. The installed version of Blazix discloses the source code of its JSP pages by requesting the pages while appending a plus sign or a backslash to its name. An attacker may use this flaw to get the source code of your...
CVE-2002-1451
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a 1 "+" or 2 "" backslash character...
CVE-2002-1451
The vulnerability CVE-2002-1451 affects the Blazix web server (Java-based) prior to version 1.2.2. An HTTP request that ends with a "+" or a backslash "\" can disclose the JSP source code or list restricted directories, enabling partial disclosure of sensitive data. The threat is described as rem...