Filtered by vendor Unify Subscriptions
Filtered by product Ewave Servletexec Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2000-1114 1 Unify 1 Ewave Servletexec 2024-11-21 N/A
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
CVE-2000-1025 1 Unify 1 Ewave Servletexec 2024-11-21 N/A
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
CVE-2000-1024 1 Unify 1 Ewave Servletexec 2024-11-21 N/A
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
CVE-2000-0498 1 Unify 1 Ewave Servletexec 2024-11-21 7.5 High
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.