Description
Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Matt Moore · textremotewindows
https://www.exploit-db.com/exploits/21582
References (5)
Core 5
Core References
Various Sources x_refsource_confirm
http://www.macromedia.com/v1/handlers/index.cfm?ID=23164
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5118
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=102529402127195&w=2
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9450.php
Scores
EPSS
0.0336
EPSS Percentile
87.4%
Details
Status
published
Products (3)
macromedia/jrun
3.0
macromedia/jrun
3.1
macromedia/jrun
4.0
Published
Jul 11, 2002
Tracked Since
Feb 18, 2026