CVE-2001-0031
BroadVision One-To-One Enterprise allows remote attackers to determine the physical path of server files by requesting a .JSP file name that does not exist.
Date published : 2001-02-02
http://archives.neohapsis.com/archives/bugtraq/2000-12/0074.html