eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=97306581513537&w=2 | |
http://www.securityfocus.com/bid/1876 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/5450 |
Configurations
History
No history.
Information
Published : 2000-12-11 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-1024
Mitre link : CVE-2000-1024
CVE.ORG link : CVE-2000-1024
JSON object : View
Products Affected
unify
- ewave_servletexec
CWE