Thread Tools Search this Thread Display Modes
Old 26-03-2012, 20:52
Java-monitor RSS bot Java-monitor RSS bot is offline
Resident RSS bot
Join Date: Jun 2011
Posts: 1,347
Default CVE-2012-1089 (wicket)

Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.

Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump