CVEブラウザに戻る

CVE-2000-0498

HIGH

7.5

CVSS Severity Score

EPSS Score0.1050%

EPSS Percentile13.82th

Published2000年6月8日

Last Modified2026年4月16日

Vulnerability Description

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.

Affected Platforms (CPE)

📦

Unify

Ewave Servletexec

All versions

References & Advisories

🔗 http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0250.html

🔗 http://www.securityfocus.com/bid/1328

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/4649

🔗 http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0250.html

🔗 http://www.securityfocus.com/bid/1328

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/4649

関連する脆弱性情報

CVE-2000-102410.0

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers t...

CVE-2000-10255.0

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a U...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...