CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2000-1052
https://notcve.org/view.php?id=CVE-2000-1052
29 Nov 2000 — Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet. • http://marc.info/?l=bugtraq&m=97236692714978&w=2 •
CVSS: 10.0EPSS: 8%CPEs: 1EXPL: 1CVE-2000-1053 – Allaire JRun 2.3 - Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2000-1053
29 Nov 2000 — Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. • https://www.exploit-db.com/exploits/20314 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0539
https://notcve.org/view.php?id=CVE-2000-0539
22 Jun 2000 — Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet. • http://www.allaire.com/handlers/index.cfm?ID=16290&Method=Full •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0540
https://notcve.org/view.php?id=CVE-2000-0540
22 Jun 2000 — JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information. • http://www.allaire.com/handlers/index.cfm?ID=16290&Method=Full •