CVE-2002-1451 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-1451

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) + or (2) (backslash) character.

Affected Software

Name	Vendor	Start Version	End Version
Blazix	Desiderata_software	1.2 (including)	1.2 (including)
Blazix	Desiderata_software	1.2.1 (including)	1.2.1 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2002-08/0259.html
http://www.iss.net/security_center/static/9952.php
http://www.securityfocus.com/bid/5566
http://www.securityfocus.com/bid/5567
http://archives.neohapsis.com/archives/bugtraq/2002-08/0259.html
http://www.iss.net/security_center/static/9952.php
http://www.securityfocus.com/bid/5566
http://www.securityfocus.com/bid/5567