BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure
| EKU-ID: 25604 | CVE: CVE-2000-0500;OSVDB-1414 | OSVDB-ID: |
| Author: Foundstone Inc. | Published: 2000-06-21 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25604 | CVE: CVE-2000-0500;OSVDB-1414 | OSVDB-ID: |
| Author: Foundstone Inc. | Published: 2000-06-21 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1378/info Within WebLogic Server and WebLogic Express there are four main java servlets registered to serve different kind of files. A default servlet exists if a requested file does not have an assigned servlet. If an http request is made that includes "/file/", the server calls upon the default servlet which will cause the page to display the source code in the web browser. http://target/file/filename