- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21751
- Проверка EDB
-
- Пройдено
- Автор
- AURIEMMA LUIGI
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2002-1451
- Дата публикации
- 2002-08-24
Код:
source: https://www.securityfocus.com/bid/5566/info
Blazix is a freely available, open source web server written in Java. It is available for Linux and Microsoft Windows operating systems.
When a user passes a request to the web server that ends in either a plus (+) or backslash (\), the web server may react unpredictably. This type of character appended to the name of a .jsp file has been reported to reveal the contents of the .jsp file.
http://www.example.com/jsptest.jsp+
http://www.example.com/jsptest.jsp\- Источник
- www.exploit-db.com
