141 matches found
Directory traversal
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the 1 group, 2 artifact, 3 version, or 4 fileType...
CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the 1 group, 2 artifact, 3 version, or 4 fileType...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that 1 change the web administration password, 2 upload application...
CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the 1 group, 2 artifact, 3 version, or 4 fileType...
CVE-2009-0038
Multiple cross-site scripting XSS vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 ip, 3 username, or 4 description parameter to console/portal/Server/Monitorin...
CVE-2008-5518
CVE-2008-5518 corresponds to multiple directory traversal vulnerabilities in the Apache Geronimo Application Server 2.1–2.1.3 on Windows, affecting the web administration console. A remote attacker could upload files to arbitrary directories via traversal sequences in parameters for the Services/...
CVE-2009-0038
CVE-2009-0038 refers to multiple cross-site scripting (XSS) vulnerabilities in the Apache Geronimo web administration console (versions 2.1 to 2.1.3). The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via parameters (name, ip, username, description) to console/port...
CVE-2009-0039
Apache Geronimo Application Server CSRF vulnerabilities (CVE-2009-0039) affect the web administration console in Geronimo 2.1–2.1.3. The issue allows remote attackers to hijack administrator sessions and perform actions (e.g., change password, upload apps, Shutdown) via forgery. The CVE descripti...
Apache Geronimo multiple security vulnerabilities
Crossite scripting, directory traversal...
[DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities
Original Advisory: http://dsecrg.com/pages/vul/show.php?id=118 Digital Security Research Group DSecRG Advisory DSECRG-09-018 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Directory Traversal File Upload Exploits: YES...
[DSECRG-09-020] Apache Geronimo - XSRF vulnerabilities
Original Advisory: http://dsecrg.com/pages/vul/show.php?id=120 Digital Security Research Group DSecRG Advisory DSECRG-09-020 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Multiple XSRF Vulnerabilities Exploits: YES...
[DSECRG-09-019] Apache Geronimo - XSS vulnerabilities.txt
Original advisory http://dsecrg.com/pages/vul/show.php?id=119 Digital Security Research Group DSecRG Advisory DSECRG-09-019 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Multiple XSS Vulnerabilities Exploits: YES...
Apache Geronimo <= 2.1.3 Multiple Directory Traversal Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-018 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Directory Traversal File Upload Exploits: YES Reported: 10.12.2008 Vendor...
Apache Geronimo 2.1.x - consoleportalServerMonitoring Multiple Cross-Site Scripting Vulnerabilities
Apache Geronimo 2.1.x - consoleportalServerMonitoring Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site...
Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting
Apache Geronimo 2.1.x - consoleportal URI Cross-Site Scripting source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple...
Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities
Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities Digital Security Research Group DSecRG Advisory DSECRG-09-018 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Directory Traversal File Upload Exploits:...
Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)
Apache Geronimo 2.1.x - Cross-Site Request Forgery Multiple Admin Function source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability -...
Apache Geronimo <= 2.1.3 Multiple Directory Traversal Vulnerabilities
Exploit for multiple platform in category remote exploits ===================================================================== Apache Geronimo = 2.1.3 Multiple Directory Traversal Vulnerabilities ===================================================================== Digital Security Research Grou...
Apache Geronimo Cross Site Request Forgery
Original Advisory: http://dsecrg.com/pages/vul/show.php?id=120 Digital Security Research Group DSecRG Advisory DSECRG-09-020 Application: Apache Geronimo Application Server Versions Affected: 2.1 - 2.1.3 Vendor URL: http://geronimo.apache.org/ Bug: Multiple XSRF Vulnerabilities Exploits: YES...