CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2001-0812

Malware in sbrugna...

5.1CVSS6.4AI score0.02773EPSS

Exploits1References7

OSV•added 2022/05/01 7:2 a.m.•10 views

GHSA-MQ4X-8WHH-JX73 Improper Input Validation in Mortbay Jetty

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

5.3CVSS6.6AI score0.01325EPSS

Exploits1References3

Github Security Blog•added 2022/04/30 6:17 p.m.•9 views

Apache Tomcat Reveals Path through Long URL

Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...

5CVSS6.4AI score0.08176EPSS

Exploits0References11Affected Software1

NVD•added 2020/01/27 6:15 p.m.•22 views

CVE-2013-7390

Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot...

9.8CVSS9.7AI score0.74528EPSS

Exploits6References2

Prion•added 2020/01/27 6:15 p.m.•15 views

Unrestricted file upload

7.5CVSS8.1AI score0.74528EPSS

Exploits6References2Affected Software1

Cvelist•added 2015/06/08 2:0 p.m.•22 views

CVE-2015-2994

Unrestricted file upload vulnerability in ChangePhoto.jsp in SysAid Help Desk before 15.2 allows remote administrators to execute arbitrary code by uploading a file with a .jsp extension, then accessing it via a direct request to the file in icons/userphoto/...

7.4AI score0.49791EPSS

Exploits9References5

Prion•added 2006/06/02 1:2 a.m.•13 views

Code injection

jetty 6.0.x jetty6 beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations...

5CVSS7.3AI score0.01325EPSS

Exploits1References1Affected Software1

NVD•added 2001/11/22 5:0 a.m.•20 views

CVE-2001-0917

Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...

5CVSS6.2AI score0.08176EPSS

Exploits0References6

NVD•added 2000/10/20 4:0 a.m.•14 views

CVE-2000-0681

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension...

10CVSS7.8AI score0.50858EPSS

Exploits0References2

CVE•added 2000/10/13 4:0 a.m.•53 views

CVE-2000-0681

CVE-2000-0681 describes a buffer overflow in the BEA WebLogic Server proxy plug-in that handles third‑party web server requests to forward JSP URLs. The flaw, triggered by long URL paths (notably with a .JSP extension), can overflow a buffer in wl_proxy and allow remote code execution as the user...

10CVSS7.8AI score0.50858EPSS

Exploits0References2Affected Software1

Cvelist•added 2000/10/13 4:0 a.m.•27 views

CVE-2000-0499

The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...

7.5AI score0.02512EPSS

Exploits1References4

Cvelist•added 2000/10/13 4:0 a.m.•20 views

CVE-2000-0681

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension...

7.8AI score0.50858EPSS

Exploits0References2

NVD•added 2000/06/08 4:0 a.m.•28 views

CVE-2000-0497

IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case...

7.5CVSS7.4AI score0.03066EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by