CVE-2019-6725

The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 2.00AAKK.3 devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the interface of the modem can be accessed as admin...

CVE-2018-18909

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

CVE-2018-18909

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

Design/Logic Flaw

xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view...

nginx Space String Remote Source Code Disclosure Vulnerability

nginx is prone to a remote source code-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context of the server process, which may aid in further attacks. This issue affects nginx...

CVE-2000-0499

BEA WebLogic 3.1.8–4.5.1 is affected. The default configuration allows a remote attacker to view the source code of a JSP program by requesting a URL that exposes the JSP extension in upper case. Root cause: default config enables exposing JSP source. Impact: confidentiality of JSP source could b...