1 results (0.001 seconds)
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-0904
https://notcve.org/view.php?id=CVE-2008-0904
22 Feb 2008 — Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted URL. Vulnerabilidad sin especificar en el servlet download de BEA Plumtree Collaboration de 4.1 a SP2 y AquaLogic Interaction de 4.2 a MP1 permite a atacantes remotos leer archivos de su elección a través de un URL manipulado. • http://dev2dev.bea.com/pub/advisory/276 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •