26 matches found
EUVD-2000-1012
Malware in sbrugna...
EUVD-2000-1011
Malware in sbrugna...
ewave.com XSS vulnerability
Vulnerable URL: https://ewave.com/vacancy/?v=x%22%3E%3CsvG%20onLoad=prompt9%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1513453 VIP website status:| No Coordinated Disclosure Timeline: Description| Value...
Unify eWave ServletExec 3 JSP Source Disclosure Vulnerability
No description provided by source. source : http://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HT...
Unify eWave ServletExec 3.0 c DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack ...
jsp vulnerabilities and solutions-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
CVE-2000-0498
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...
CVE-2000-1024
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands...
CVE-2000-1024
CVE-2000-1024 concerns eWave ServletExec 3.0C and earlier. The vulnerability arises because the server-side UploadServlet is not properly restricted, allowing an attacker to upload arbitrary files to arbitrary directories, which can lead to remote command execution on the affected host. Multiple ...
CVE-2000-0498
The CVE-2000-0498 vulnerability affects Unify eWave ServletExec. A remote attacker could view the source code of a JSP program by requesting a URL that uses the JSP extension in uppercase. Connected sources confirm the affected product and the exact attack vector; PT-2000-1436 notes no informatio...
Unify eWave ServletExec 3.0C UploadServlet Unprivileged File Upload
ServletExec has a servlet called 'UploadServlet' in its server side classes. UploadServlet, when invokable, allows an attacker to upload any file to any directory on the server. The uploaded file may have code that can later be executed on the server, leading to remote command execution...
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running...
CVE-2000-1024
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands...
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running...
CVE-2000-1025
CVE-2000-1025 affects eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier. A remote attacker can cause a denial of service by requesting a URL containing the '/servlet/' path, which invokes the ServletExec servlet and triggers an exception if it is already running. Impact: partia...
Unify eWave ServletExec 3 - .JSP Source Disclosure
Unify eWave ServletExec 3 - .JSP Source Disclosure...
Unify eWave ServletExec 3 - .JSP Source Disclosure
source : https://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HTTP request is appended with one of...
Unify eWave ServletExec upload
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Unify eWave ServletExec upload ---------------------------------------------------------------------- FS Advisory ID: FS-103100-16-SRVX Release Date: October 31, 2000 Product: Unify eWave ServletExec 3.0C...