Lucene search
+L

5615 matches found

NVD
NVD
added 2005/12/20 11:3 a.m.21 views

CVE-2005-4413

Multiple cross-site scripting XSS vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the 1 E-mail address field to a PlantsByWebSphere/login.jsp, 2 message field to b TechnologySample/BulletinBoard Script, 3...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/12/20 11:0 a.m.23 views

CVE-2005-4413

Multiple cross-site scripting XSS vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the 1 E-mail address field to a PlantsByWebSphere/login.jsp, 2 message field to b TechnologySample/BulletinBoard Script, 3...

5.7AI score0.01164EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2005/12/15 12:0 a.m.38 views

ibm_css.txt

----------------------------------------------------------- + IBM WEBSPHERE 6 Sample scripts Cross site scripting + ----------------------------------------------------------- Release Date: 12/12/2005 Severity: low Product:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/11/23 12:0 a.m.32 views

[SA17658] IBM WebSphere Application Server for z/OS Double-Free Vulnerability

TITLE: IBM WebSphere Application Server for z/OS Double-Free Vulnerability SECUNIA ADVISORY ID: SA17658 VERIFY ADVISORY: http://secunia.com/advisories/17658/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: IBM WebSphere Application Server 5.x...

1.1AI score
Exploits0
NVD
NVD
added 2005/11/22 11:3 p.m.20 views

CVE-2005-3760

Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service ABEND...

7.8CVSS6.4AI score0.01491EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/11/22 11:0 p.m.23 views

CVE-2005-3760

Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service ABEND...

6.4AI score0.01491EPSS
Exploits0References4
NVD
NVD
added 2005/11/04 12:2 a.m.27 views

CVE-2005-3498

IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive informatio...

4.3CVSS6AI score0.11293EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/11/04 12:0 a.m.32 views

CVE-2005-3498

IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive informatio...

6AI score0.11293EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/06/30 4:0 a.m.21 views

CVE-2005-2091

IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebSphere to incorrectly handle an...

6AI score0.01515EPSS
Exploits1References5
securityvulns
securityvulns
added 2005/06/08 12:0 a.m.34 views

[AppSecInc Advisory WEBSP05-V0098] Remote Buffer overflow in WebSphere Application Server Administrative Console

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote Buffer overflow in WebSphere Application Server Administrative Console AppSecInc Team SHATTER Security Advisory WEBSP05-V0098 http://www.appsecinc.com/resources/alerts/general/WEBSPHERE-001.html June 07, 2005 Risk level: HIGH Credits: This...

0.5AI score
Exploits0
Cvelist
Cvelist
added 2005/06/07 4:0 a.m.24 views

CVE-2005-1872

Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code...

7.6AI score0.0317EPSS
Exploits0References5
CVE
CVE
added 2005/06/07 4:0 a.m.57 views

CVE-2005-1872

The CVE-2005-1872 entry covers a buffer overflow in the administrative console of IBM WebSphere Application Server 5.x when global security is enabled. The related advisory materials describe improper validation of user-supplied input in the authentication process, which can allow remote attacker...

7.5CVSS7.6AI score0.0317EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2005/06/03 4:0 a.m.19 views

CVE-2005-1872

Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code...

7.5CVSS7.6AI score0.0317EPSS
Exploits0References5
NVD
NVD
added 2005/05/02 4:0 a.m.24 views

CVE-2005-0425

Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages .jsp via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine...

5CVSS6.5AI score0.02096EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/04/14 12:0 a.m.51 views

IBM WebSphere application server information leak

It's possible to obtain JSP page source code by requesting non-existing virtual host...

0.9AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/04/14 12:0 a.m.1014 views

IBM WebSphere Application Server Malformed Host Header JSP Source Disclosure

It is possible to make the remote web server disclose the source code of its JSP pages by requesting the pages with a nonexistent hostname in the HTTP 'Host' header request when WebSphere Application is sharing the document root of the web server. An attacker may use this flaw to get the source...

5CVSS5.7AI score0.08639EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2005/04/13 12:0 a.m.54 views

IBM Websphere 5.0/5.1/6.0 - Application Server Web Server Root JSP Source Code Disclosure

source: https://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to properly handle various requests under certain circumstances. It should be noted that thi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/04/13 12:0 a.m.14 views

IBM Websphere 5.05.16.0 - Application Server Web Server Root JSP Source Code Disclosure

IBM Websphere 5.05.16.0 - Application Server Web Server Root JSP Source Code Disclosure source: https://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/16 12:0 a.m.9 views

IBM WebSphere Commerce ResetPassword Servlet Caching Information Disclosure

The remote host is running a version of IBM WebSphere Commerce that may allow an attacker to conduct a brute-force attack against users who have recently had their passwords invalidated in WebSphere Commerce and uncover private information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/03/15 12:0 a.m.22 views

IBM WebSphere 'ResetPassword' Information Disclosure

Binary data 2712.prm...

7.3AI score
Exploits0References1
Rows per page
Query Builder