Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2000-1114

Disclosure Date: January 09, 2001 (last updated February 22, 2025)
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
0
0
Attacker Value
Unknown

CVE-2000-1025

Disclosure Date: December 11, 2000 (last updated February 22, 2025)
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
0
0
Attacker Value
Unknown

CVE-2000-1024

Disclosure Date: December 11, 2000 (last updated February 22, 2025)
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
0
0