Desiderata Software: Security Vulnerabilities
Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot), (2) space, and (3) slash characters in the extension of a URL.
CVSS Score
5.0
EPSS Score
0.009
Published
2006-03-29
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.
CVSS Score
5.0
EPSS Score
0.058
Published
2002-08-24