CVE-2006-3936
N/A
N/A
Summary
system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to read the source code of arbitrary JSP files by specifying the file in the resource parameter, as demonstrated using index.jsp.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/21193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28001
- http://www.opencms.org/opencms/en/shownews.html?id=1002
- http://securityreason.com/securityalert/1302
- http://www.securityfocus.com/archive/1/441182/100/0/threaded
- http://o0o.nu/~meder/OpenCMS_multiple_vulnerabilities.txt
- http://www.opencms.org/export/download/opencms/opencms_6.2.2_src.zip
References
- http://secunia.com/advisories/21193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28001
- http://www.opencms.org/opencms/en/shownews.html?id=1002
- http://securityreason.com/securityalert/1302
- http://www.securityfocus.com/archive/1/441182/100/0/threaded
- http://o0o.nu/~meder/OpenCMS_multiple_vulnerabilities.txt
- http://www.opencms.org/export/download/opencms/opencms_6.2.2_src.zip
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.