Lucene search
+L

178 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.13 views

BEA Systems WebLogic Express 3.1.8/4/5 Source Code Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have an assigned servlet. If an ht...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.68 views

IBM Websphere Application Server 2.0./3.0/3.0.2 .1 Showcode Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root directory. This is possib...

7.1AI score
Exploits0
debiancve
debiancve
added 2014/05/31 10:0 a.m.36 views

CVE-2014-0096

Removed by vendor...

4.3CVSS6.9AI score0.06905EPSS
Exploits0
cve
cve
added 2014/05/31 10:0 a.m.173 views

CVE-2014-0096

CVE-2014-0096 affects Apache Tomcat: DefaultServlet.jspXXE via XML External Entity in XSLT; tracked in Tomcat 6/7/8 lines (older than 6.0.40, 7.x < 7.0.53, 8.x

4.3CVSS7.8AI score0.06905EPSS
Exploits0References48Affected Software1
osv
osv
added 2014/05/31 12:0 a.m.2 views

UBUNTU-CVE-2014-0096

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a...

4.3CVSS6.7AI score0.06905EPSS
Exploits0References3
seebug
seebug
added 2009/12/16 12:0 a.m.22 views

Tomcat 4.0.10 自带Servlet可导致源码泄漏漏洞

No description provided by source...

7.1AI score
Exploits0
myhack58
myhack58
added 2007/05/26 12:0 a.m.40 views

jsp vulnerabilities and solutions-vulnerability warning-the black bar safety net

Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...

0.8AI score
Exploits0
myhack58
myhack58
added 2006/03/09 12:0 a.m.12 views

Test both the JSP environment the following security vulnerabilities-vulnerability warning-the black bar safety net

Author: xy7BCT The first test JSP program vulnerabilities, to be exact is a server poor configuration leading to security risks, wrong place hope everyone noted it!!! Previously in some articles on the see on the JSP site storm any files of the original code of the vulnerability, and today finall...

7AI score
Exploits0
cve
cve
added 2004/09/01 4:0 a.m.82 views

CVE-2002-1148

CVE-2002-1148 refers to a vulnerability in Apache Tomcat where the default servlet (org.apache.catalina.servlets.DefaultServlet) on Tomcat 4.0.4, 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet. Connected sources (GHSA and OSS/ID...

5CVSS6.4AI score0.1682EPSS
Exploits1References10Affected Software1
redhat
redhat
added 2003/04/09 8:14 p.m.7 views

security flaw

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148...

7.5CVSS6AI score0.05254EPSS
Exploits0References4
redhat
redhat
added 2003/03/03 9:16 a.m.6 views

security flaw

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148...

7.5CVSS6AI score0.05254EPSS
Exploits0References4
nvd
nvd
added 2003/01/17 5:0 a.m.25 views

CVE-2002-1394

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148...

7.5CVSS6.6AI score0.05254EPSS
Exploits0References11
redhat
redhat
added 2002/11/08 11:16 a.m.5 views

security flaw

The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...

5CVSS5.9AI score0.1682EPSS
Exploits1References4
redhat
redhat
added 2002/11/05 12:0 a.m.4 views

security flaw

The default servlet org.apache.catalina.servlets.DefaultServlet in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet...

5CVSS5.9AI score0.1682EPSS
Exploits1References4
exploitpack
exploitpack
added 2000/07/24 12:0 a.m.17 views

IBM Websphere Application Server 2.0.3.03.0.2.1 - Showcode

IBM Websphere Application Server 2.0.3.03.0.2.1 - Showcode source: https://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root...

7.3AI score
Exploits0
exploitdb
exploitdb
added 2000/07/24 12:0 a.m.41 views

IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode

source: https://www.securityfocus.com/bid/1500/info Certain versions of the IBM WebSphere application server ship with a vulnerability which allows malicious users to view the source of any document which resides in the web document root directory. This is possible via a flaw which allows a defau...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2000/06/21 12:0 a.m.13 views

BEA Systems WebLogic Express 3.1.845 - Source Code Disclosure

BEA Systems WebLogic Express 3.1.845 - Source Code Disclosure source: https://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have a...

7.6AI score
Exploits0
exploitdb
exploitdb
added 2000/06/21 12:0 a.m.28 views

BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure

source: https://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have an assigned servlet. If an http request is made that includes...

7.4AI score
Exploits0
Rows per page
Query Builder