Remote Code Disclosure in BEA WebLogic 5.1.x via SSIServlet

Remote Code Disclosure in BEA WebLogic 5.1.x via SSIServlet

CVE-2000-0683 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.

Learn more about our Web App Pen Testing.