← back
CVE-2000-1224

CVE-2000-1224

EPSS 2.9%
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/20429unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=97502269408279&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/5568http://www.securityfocus.com/archive/1/146770http://www.securityfocus.com/bid/1986