The default configuration of BEA WebLogic 5.1.0 allows a remote malicious user to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 5.1 |
||
bea weblogic server 4.0 |
||
bea weblogic server 3.1.8 |
||
bea weblogic server 4.5 |