CVE-2001-0926
published 2001-11-28CVE-2001-0926: SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an…
PriorityP418medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.47%
82.5th percentile
SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| macromedia | jrun | — | — |
| macromedia | jrun | — | — |
| macromedia | jrun | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=100697797325013&w=2http://www.macromedia.com/v1/handlers/index.cfm?ID=22261&Method=Fullhttp://www.securityfocus.com/bid/3589https://exchange.xforce.ibmcloud.com/vulnerabilities/7622http://marc.info/?l=bugtraq&m=100697797325013&w=2http://www.macromedia.com/v1/handlers/index.cfm?ID=22261&Method=Fullhttp://www.securityfocus.com/bid/3589https://exchange.xforce.ibmcloud.com/vulnerabilities/7622
2001-11-28
Published