Vulnerabilities > Unify > Ewave Servletexec > 3.0c
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-01-09 | CVE-2000-1114 | Unspecified vulnerability in Unify Ewave Servletexec 3.0/3.0C Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20". | 5.0 |
2000-12-11 | CVE-2000-1025 | Unspecified vulnerability in Unify Ewave Servletexec 3.0C eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | 5.0 |
2000-12-11 | CVE-2000-1024 | Unspecified vulnerability in Unify Ewave Servletexec 3.0C eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands. | 10.0 |