BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.

Continuous attack surface discovery, validated security testing, and rapid reaction to zero-days.

A live walkthrough of how teams use ZeroVault to find and fix what attackers actually exploit.

Learn about our mission, technology, and how we help organizations stay protected against modern cyber threats.

Our mission, our people, and how we partner with security teams across the world.

Ready to See Your True Attack Surface?

Join thousands of security teams who trust ZeroVault to discover vulnerabilities before attackers do. Get started with a personalized demo.

Complete visibility into your external attack surface. Discover vulnerabilities before attackers do.