Описание
Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL.
Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0816
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25405
- http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1455.html
- http://secunia.com/advisories/18950
- http://secunia.com/secunia_research/2006-11/advisory
- http://securitytracker.com/id?1015823
- http://www.osvdb.org/24053
- http://www.securityfocus.com/archive/1/428601/100/0/threaded
- http://www.securityfocus.com/bid/17204
- http://www.vupen.com/english/advisories/2006/1055
EPSS
Процентиль: 79%
0.0126
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL.
EPSS
Процентиль: 79%
0.0126
Низкий