CVE-2024-44760

Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server...

PT-2024-31239 · Unknown · Shenzhou News Union Enterprise Management System

Name of the Vulnerable Software and Affected Versions: Shenzhou News Union Enterprise Management System versions 5.0 through 18.8 Description: The issue is related to incorrect access control in the component /servlet/SnoopServlet, allowing attackers to access sensitive information regarding the...

CVE-2018-18940

servlet/SnoopServlet a servlet installed by default in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=XSS in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web...

Netscape Enterprise 3.63 Cross Site Scripting Vulnerability

Exploit for multiple platform in category web applications alert"XSS" The server response: Request URL: http://X.X.X.X/servlet/SnoopServlet Request information: Request method: GET Request URI: /servlet/SnoopServlet Request protocol: HTTP/1.1 Servlet path: /servlet/SnoopServlet Path info: Path...

Netscape Enterprise SnoopServlet servlet cross-site scripting vulnerability

Netscape Enterprise Server is a Web site server that runs on Microsoft, most UNIX, and Linux platforms. A cross-site scripting vulnerability in the servlet/SnoopServlet in Netscape Enterprise version 3.63 can be exploited by a remote, unauthenticated attacker to deliver malicious HTML or JavaScri...

Netscape Enterprise 3.63 Cross Site Scripting

alert"XSS" The server response: Request URL: http://X.X.X.X/servlet/SnoopServlet Request information: Request method: GET Request URI: /servlet/SnoopServlet Request protocol: HTTP/1.1 Servlet path: /servlet/SnoopServlet Path info: Path translated:...

Novell Netware Enterprise Web Server 5.1/6.0 SnoopServlet Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially...

WebSphere Application Server (WAS) vulnerable to cross-site scripting

Overview WebSphere Application Server WAS provided by IBM contains a cross-site scripting vulnerability. WebSphere Application Server WAS provided by IBM contains a vulnerability in SnoopServlet, which may result in a cross-site scripting. Eiji James Yoshida of Security Professionals Network Inc...

JVN#24343509: WebSphere Application Server (WAS) vulnerable to cross-site scripting

WebSphere Application Server WAS provided by IBM contains a vulnerability in SnoopServlet, which may result in a cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information provided by the develope...

SnoopServlet Cross Site Scripting

SnoopServlet simply echos back the request line and the headers that were sent by the client, plus any HTTPS information. Search Google for: j2ee/servlet/snoopservlet to find a lot of vuln sites. PoC:...

WebSphere snoopservlet导致路径泄露

No description provided by source...

IBM WebSphere snoopservlet Path Disclosure

This script attempts to enumerate the actual physical path of the servlet classes by requesting a version of 'snoopservlet' which is missing required classes. An attacker, gaining information about the actual physical layout of the file system, can use the information in crafting more complex...

CVE-2002-2006

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the 1 SnoopServlet or 2 TroubleShooter example servlets...