CVE-2001-1510

3 documents3 sources
Severity
5.0MEDIUM
EPSS
3.7%
top 12.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Jrun
Timeline
PublishedDec 31
Latest updateApr 30

Description

Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmacromedia/jrun2.3.3, 3.0, 3.1+2

🔴Vulnerability Details

2
GHSA
GHSA-75pq-cv68-5rxq: Allaire JRun 22022-04-30
CVEList
CVE-2001-1510: Allaire JRun 22005-07-14
CVE-2001-1510 (MEDIUM CVSS 5) | Allaire JRun 2.3.3 | cvebase.io