CyberSec.Space Logo
Back to CVE Browser

CVE-2000-1024

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile34.12th
PublishedDec 11, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.

Affected Platforms (CPE)

πŸ“¦
Unify

Ewave Servletexec

= 3.0c

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=97306581513537&w=2
πŸ”— http://www.securityfocus.com/bid/1876
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5450
πŸ”— http://marc.info/?l=bugtraq&m=97306581513537&w=2
πŸ”— http://www.securityfocus.com/bid/1876
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5450

Related Vulnerabilities

CVE-2000-04987.5

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP e...

CVE-2000-10255.0

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a U...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...