CVE-2000-0652
IBM WebSphere Application Server - Unauthenticated Source Code Disclosure via InvokerServlet
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0652. PoCs published by Shreeraj Shah.
AI-analyzed exploit summary The vulnerability in IBM WebSphere allows attackers to view the source code of files in the web document root by appending '/servlet/file/' to the URL, bypassing parsing/compilation. This is due to a flaw in the default servlet handling.
Description
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.
Exploits (1)
The vulnerability in IBM WebSphere allows attackers to view the source code of files in the web document root by appending '/servlet/file/' to the URL, bypassing parsing/compilation. This is due to a flaw in the default servlet handling.