CVE-2023-3413

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to...

Oracle 9iAS allows access to CGI script source code within CGI-BIN directory

Overview Oracle 9i Application Server 9iAS allows remote anonymous users to view source code in CGI scripts stored in the Apache cgi-bin. Attackers may analyze these scripts to discover usernames, passwords, or other proprietary data or methods. Description The default Apache configuration file i...

CVE-2001-0926

CVE-2001-0926 affects Allaire JRun 2.3.3, 3.0, and 3.1. The flaw arises in the SSI filter: an HTTP request for a non-existent SSI page carrying an #include statement can cause the server to disclose its web root files, enabling remote attackers to obtain source code for JavaServer Pages (.jsp) an...