← back
CVE-2002-1451

CVE-2002-1451

EPSS 8.3%
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/21752unverifiedexploitdbwww.exploit-db.com/exploits/21751unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-08/0259.htmlhttp://www.iss.net/security_center/static/9952.phphttp://www.securityfocus.com/bid/5566http://www.securityfocus.com/bid/5567