561 matches found
Apache Tomcat 4.0.x < 4.0.5 / 4.1.x < 4.1.11 JSP Source Code Disclosure
Merak Mail Server 7.4.5 - calendar.html?schedule SQL Injection
source: https://www.securityfocus.com/bid/10966/info
The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are:
- Multiple cross-site scripting vulnerabilities
- ...
Java (.java / .class) Source Code Disclosure
The remote web server is hosting Java .java and/or .class files. These files may contain sensitive or proprietary information. If so, a remote attacker could use this information to mount further attacks. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc');...
Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure
source: https://www.securityfocus.com/bid/9431/info
The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpecte...
Whale Communications e-Gap Security Appliance 2.5 - Login Page Source Code Disclosure
source: https://www.securityfocus.com/bid/9431/info
The e-GAP appliance has been reported prone to a source code disclosure vulnerability. It has been reported that, when the affected appliance handles unexpected HTTP requests, it may divulge the source code of the login script. The login page is...
CVE-2003-0423
Apple QuickTime/Darwin Streaming Server’s parse_xml.cgi vulnerability (CVE-2003-0423) allows remote access to the source code of files via /parse_xml.cgi?filename=[file] for DS 4.1.3g and earlier. The issue is caused by Web root script disclosure, with no fix available at the time and Apple inves...
CVE-2003-0411
CVE-2003-0411 affects Sun ONE Application Server 7.0 on Windows 2000/XP. A remote attacker can obtain JSP source code by requesting a file with the uppercase extension ".JSP" instead of ".jsp". The provided documents do not specify a patch version or remediation; exploitation details are not desc...
sunone.txt
Multiple Vulnerabilities in Sun-One Application Server. Release Date: May 27, 2003. System Affected: Sun-ONE Application Server 7.0 for Windows 2000/XP. Description: During a brief audit of a SunONE Application Server installation on Windows 2000...
Multiple Vulnerabilities in Sun-One Application Server
Release Date: May 27, 2003. System Affected: Sun-ONE Application Server 7.0 for Windows 2000/XP. Description: During a brief audit of a SunONE Application Server installation on Windows 2000...
Sun ONE Application Server 7.0 - Source Disclosure
source: https://www.securityfocus.com/bid/7709/info
Sun ONE Application Server is prone to a source code disclosure vulnerability. This issue is due to handling of case in requests for resources. By changing the case of a file extension, the serv...
BEA WebLogic SSIServlet Invocation Source Code Disclosure
BEA WebLogic may be tricked into revealing the source code of JSP scripts by prefixing the path to the .jsp files with /.shtml/. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. This script is based on BEAweblogicRevealsourcecode.nasl. Script audit and contributions from Carmichael Security Erik...
CVE-2002-0737
CVE-2002-0737 affects the Sambar Web Server prior to 5.2 beta 1. An attacker can remotely obtain source code of server-side scripts or trigger a denial of service by exploiting a flaw in URL parsing when a URL ends with a space followed by a null byte. This occurs because the server misinterprets...
CVE-2002-1451
The vulnerability CVE-2002-1451 affects the Blazix web server (Java-based) prior to version 1.2.2. An HTTP request that ends with a "+" or a backslash "\" can disclose the JSP source code or list restricted directories, enabling partial disclosure of sensitive data. The threat is described as rem...
Apache Tomcat multiple bugs
Multiple vulnerabilities allow directory browsing and source code disclosure...
GoAhead Web Server 2.1.x - '.ASP' File Source Code Disclosure
source: https://www.securityfocus.com/bid/9239/info
A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests. An attacker can append certain characters to the end of a...
GoAhead Web Server 2.1.x - .ASP File Source Code Disclosure
source: https://www.securityfocus.com/bid/9239/info
A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP request...
Perception LiteServe 2.0 - CGI Source Disclosure
source: https://www.securityfocus.com/bid/6188/info
By constructing a malicious web request, it is possible for a remote attacker to disclose the source code of CGI scripts. Information gained through exploiting this issue may aid an attacker in...
[SECURITY] [DSA 169-1] New tomcat packages fix unintended source code disclosure
Debian Security Advisory DSA 169-1; http://www.debian.org/security/; Martin Schulze; October, 4th, 2002; http://www.debian.org/security/faq ...
Sambar Web Server vulnerable to sourcecode disclosure due to improper parsing of scripts
Overview: Sambar Webserver displays script contents instead of interpreting them when the user adds certain characters to the end of the script URL. Description: Sambar Webserver is designed to handle CGI requests by interpreting CGI scripts to produce output returned to the client. However, due to...