Unify : Security Vulnerabilities, CVEs, Published In 2000
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
Max CVSS
5.0
EPSS Score
2.52%
Published
2000-12-11
Updated
2017-12-19
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
Max CVSS
10.0
EPSS Score
0.41%
Published
2000-12-11
Updated
2017-10-10
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
Max CVSS
7.5
EPSS Score
0.21%
Published
2000-06-08
Updated
2024-01-26
3 vulnerabilities found