Unify Ewave Servletexec vulnerabilities
3 known vulnerabilities affecting unify/ewave_servletexec.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2000-1024P3CRITICALCVSS 10.0v3.0c2000-12-11
CVE-2000-1024 [CRITICAL] CVE-2000-1024: eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, w
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
nvd
CVE-2000-1025P4MEDIUMCVSS 5.0PoCv3.0c2000-12-11
CVE-2000-1025 [MEDIUM] CVE-2000-1025: eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cau
eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
nvd
CVE-2000-1114P4MEDIUMCVSS 5.0PoCv3.0v3.0c2001-01-09
CVE-2000-1114 [MEDIUM] CVE-2000-1114: Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP req
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
nvd