Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
macromedia jrun 3.0 |