Sun One WebServer 6.1 JSP Source Viewing vulnerability 's

2017年5月3日18:45:18评论364 views字数 406阅读1分21秒阅读模式

摘要

作者：Kingcope Kingcope <kcope2_(at)_googlemail.com>Sun One WebServer 6.1 JSP Source Viewing vulnerability

Sun One WebServer 6.1 JSP Source Viewing vulnerability

System: Sun-ONE-Web-Server/6.1, Windows Server 2003

SunOne WebServer (formerly Netscape Enterprise Server, iPlanet) on Windows Systems lets remote people disclose
JSP Source code.

A normal URL would look like:

http://server/hello.jsp

To disclose the contents including source code of a JSP file:

http://server/hello.jsp::$DATA

Best Regards,

Nikolaos Rangos

本文由 admin 发表于 2017年5月3日18:45:18
转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出)：
Sun One WebServer 6.1 JSP Source Viewing vulnerability 'shttps://cn-sec.com/archives/44826.html

Discuz! 5.0.0 GBK SQL injection / admin credentials disclosure exploit