15 matches found
CVE-2025-66599
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...
EUVD-2001-0303
Malware in sbrugna...
EUVD-2002-1969
Malware in sbrugna...
EUVD-2001-0488
Malware in sbrugna...
CVE-2002-1990
Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet...
GHSA-2W2W-CV3H-RR38 Apache Tomcat Reveals Path through Long URL
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...
ECShop v2. 7. 2 wap page storm path 0day-vulnerability warning-the black bar safety net
Google: inurl:mobile/goods. php? act=viewimg&id=1 2 3 Search to After in page plus&id=5 That is, http://www. badguest. cn/mobile/goods. php? act=viewimg&id=1 2 3&id=5 For example, for many forums, submitted a non-existent file request, or submit a There is no output file of the request, the serve...
Nonexistent Page (404) Physical Path Disclosure
The remote web server reveals the physical path of the webroot when a nonexistent page is requested. While printing errors to the output is useful for debugging applications, this feature should be disabled on production servers. C Tenable Network Security, Inc. Vulnerable servers: Pi3Web/2.0.0...
Multiple bugs in Apache Tomcat
It's possible to obtain physical path and directory listing...
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension...
IBM Lotus Domino Banner Nonexistent .pl File Request Path Disclosure
The remote web server appears to be a version of Lotus Domino that allows an attacker to determine the physical path to the web root by requesting a non-existent '.pl' file. C Tenable Network Security, Inc. based on php3pathdisclosure by Matt Moore References From: "PeterGrundl" To: "bugtraq"...
ServletExec 4.1 ISAPI com.newatlanta.servletexec.JSP10Servlet Path Disclosure
By requesting a nonexistent .JSP file, or by invoking the JSPServlet directly and supplying no filename, it is possible to make the ServletExec ISAPI filter disclose the physical path of the webroot. %NASLMINLEVEL 70300 This script was written by Matt Moore Script audit and contributions from...
CVE-2001-0276
ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path...
Working Resources BadBlue 1.2.7 - Full Path Disclosure
source: https://www.securityfocus.com/bid/2390/info Requesting a specially crafted URL to a machine running Working Resources BadBlue, will disclose the physical path to the root directory. http://target/ext.dll will result in: Error: opening c:\program files\badblue\pe\default.htx 2...
CVE-2000-0759
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path...