Lucene search
GoogleOSV:GHSA-C5VW-342H-X5RXHistoryMay 01, 2022 - 7:13 a.m.
Alkacon OpenCms Exposes JSP Source Code
2022-05-0107:13:46
Google
osv.dev
7
alkacon opencms
jsp source code
remote authentication
arbitrary files
index.jsp
system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to read the source code of arbitrary JSP files by specifying the file in the resource parameter, as demonstrated using index.jsp.
References
www.opencms.org/opencms/en/shownews.html?id=1002
exchange.xforce.ibmcloud.com/vulnerabilities/28001
github.com/alkacon/opencms-core
nvd.nist.gov/vuln/detail/CVE-2006-3936
web.archive.org/web/20061014175017/o0o.nu/~meder/OpenCMS_multiple_vulnerabilities.txt
web.archive.org/web/20201208142708/www.securityfocus.com/archive/1/441182/100/0/threaded
Related
github
github
Alkacon OpenCms Exposes JSP Source Code
2022-05-01 07:13:46
cvelist
cvelist
CVE-2006-3936
2006-07-31 22:00:00
nvd
nvd
CVE-2006-3936
2006-07-31 22:04:00
cve
cve
CVE-2006-3936
2006-07-31 22:04:00
nessus
nessus
OpenCms < 6.2.2 Multiple Vulnerabilities
2006-07-27 00:00:00