16 matches found
EUVD-2000-1012
Malware in sbrugna...
EUVD-2000-1011
Malware in sbrugna...
Unify eWave ServletExec 3 JSP Source Disclosure Vulnerability
No description provided by source. source : http://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HT...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
JSP vulnerabilities large-vulnerability warning-the black bar safety net
Overview: The server vulnerability is a security Origin, a hacker on the site of the attack is also mostly from the Find each other's vulnerabilities. So only understand its own vulnerability, the site managers to take appropriate measures to prevent foreign attacks. The following describes some ...
CVE-2000-1024
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands...
CVE-2000-0498
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...
CVE-2000-1024
CVE-2000-1024 concerns eWave ServletExec 3.0C and earlier. The vulnerability arises because the server-side UploadServlet is not properly restricted, allowing an attacker to upload arbitrary files to arbitrary directories, which can lead to remote command execution on the affected host. Multiple ...
Unify eWave ServletExec 3.0C UploadServlet Unprivileged File Upload
ServletExec has a servlet called 'UploadServlet' in its server side classes. UploadServlet, when invokable, allows an attacker to upload any file to any directory on the server. The uploaded file may have code that can later be executed on the server, leading to remote command execution...
CVE-2000-1024
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands...
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running...
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running...
Unify eWave ServletExec 3 - .JSP Source Disclosure
Unify eWave ServletExec 3 - .JSP Source Disclosure...
Unify eWave ServletExec 3 - .JSP Source Disclosure
source : https://www.securityfocus.com/bid/1970/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. ServletExec will return the source code of JSP files when a HTTP request is appended with one of...
Unify eWave ServletExec 3.0 c - Denial of Service
Unify eWave ServletExec 3.0 c - Denial of Service source: https://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of...
Unify eWave ServletExec 3.0 c - Denial of Service
source: https://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack if a URL invoking the ServletExec...