Описание
Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.
Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0819
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25178
- http://secunia.com/advisories/18962
- http://secunia.com/secunia_research/2006-13/advisory
- http://securityreason.com/securityalert/576
- http://securitytracker.com/id?1015779
- http://www.osvdb.org/23836
- http://www.securityfocus.com/archive/1/427478/100/0/threaded
- http://www.securityfocus.com/bid/17123
- http://www.vupen.com/english/advisories/2006/0937
EPSS
Процентиль: 78%
0.01118
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request.
EPSS
Процентиль: 78%
0.01118
Низкий