This page lists publicly disclosed CVE vulnerabilities affecting unify ewave_servletexec (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-1114 | Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20". | [email protected] | 5.0 | 2.92% | 2001-01-09 | 2026-06-16 |
| CVE-2000-1025 | eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | [email protected] | 5.0 | 8.49% | 2000-12-11 | 2026-06-16 |
| CVE-2000-1024 | eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands. | [email protected] | 10.0 | 5.12% | 2000-12-11 | 2026-06-16 |
| CVE-2000-0498 | Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | [email protected] | 7.5 | 2.26% | 2000-06-08 | 2026-06-16 |