Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
foundstone labs vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-1025
eWave ServletExec JSP/Java servlet engine, versions 3.0C and previous versions, allows remote malicious users to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is alr...
Unify Ewave Servletexec 3.0c
1 EDB exploit
5
CVSSv2
CVE-2000-1050
Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Macromedia Jrun 3.0
1 EDB exploit
10
CVSSv2
CVE-2000-1053
Allaire JRun 2.3.3 server allows remote malicious users to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.
Macromedia Jrun 2.3.x
1 EDB exploit
10
CVSSv2
CVE-2001-0555
ScreamingMedia SITEWare versions 2.5 up to and including 3.1 allows a remote malicious user to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet.
Screaming Media Siteware
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started