Adobe Experience Manager Forms Code Execution Vulnerability

Adobe Experience Manager Forms in JEE contains an unspecified vulnerability that allows for arbitrary code execution...

J2eeFAST 跨站脚本漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . A cross-site scripting vulnerability exists in J2eeFAST version 2.6.0 and earlier versions. An attacker can exploit this...

Liima 安全漏洞

Liima is a Liima open source application. Allows you to manage the configuration of Java EE applications in an unlimited number of different environments in various versions, including automated deployment of these applications. A security vulnerability exists in versions prior to Liima 1.17.28...

OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...

J2eeFAST SQL注入漏洞

J2eeFAST is a Java EE enterprise-class rapid development platform , is committed to building the best small and medium-sized open source free backend framework platform . J2eeFAST 2.2.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

Oracle WebLogic Server Remote Code Execution Vulnerability (CNVD-2020-38878)

WebLogic is an application server produced by Oracle, is a middleware based on the JAVAEE architecture , WebLogic is used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications of the Java application server . A remote cod...

IBM WebSphere Application Server Memory Corruption Vulnerability

IBM WebSphere Application Server WAS is an application server product from IBM in the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server memory corruption vulnerability. N...

Primetek Primefaces Remote Code Execution Vulnerability

Primetek Primefaces is an open source use in the Java EE system UI library . A remote code execution vulnerability exists in version 5.x of Primetek Primefaces. A remote attacker could exploit this vulnerability to execute code...

Arbitrary File Download Vulnerability in javaee Forum System

javaee forum system is a free open source javaee forum source code system , using springMVC mybatis framework development. javaee forum system has an arbitrary file download vulnerability , an attacker can forge files through the path in the request to download the site configuration or system...

Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00928)

Oracle GlassFish Server is the United States Oracle Oracle company's set of Java Platform, Java EE 6 specification can be realized solution. The program provides flexible, lightweight and ready to use for the development of applications Java EE 6 application server. A remote security vulnerabilit...

Redhat JBoss Enterprise Application Platform Information Disclosure Vulnerability

Red Hat JBoss Enterprise Application Platform EAP is an open source, J2EE-based middleware platform from Red Hat, Inc. that builds, deploys, and hosts Java applications and services.WildFly is an open source application server based on JavaEE. WildFly is an open source application server based on...

Red Hat Wildfly Information Disclosure Vulnerability

Red Hat Wildfly formerly known as JBoss Application Server is a U.S. Red Hat Red Hat company based on JavaEE open source application server. An information disclosure vulnerability exists in Red Hat Wildfly. An attacker could exploit this vulnerability to bypass filter restrictions...

ZvingSoft SQL Injection Vulnerability

ZvingSoft ZCMS is a set of enterprise-level web content management system CMS based on J2EE technology and AJAX technology. ZvingSoft ZCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain databas...

WebGate Control Center Multiple Control Buffer Overflow Vulnerability

WebGate is an APM solution for real-time monitoring and performance management of business-critical systems based on J2EE architecture. A buffer overflow vulnerability exists in multiple controls in WebGate Control Center, which allows attackers to exploit the vulnerability to build malicious web...

Interstage Application Server Information Disclosure Vulnerability

Overview Interstage Application Server has an information disclosure vulnerability when used in a J2EE environment. Impact By taking the specific steps, a remote attacker could access the files and directories in the server to which J2EE applications are deployed, and the confidential information...

PT-2009-5092 · Ca · Ca Siteminder

Name of the Vulnerable Software and Affected Versions: CA SiteMinder affected versions not specified Description: The issue allows remote attackers to bypass cross-site scripting XSS protections for J2EE applications. This is achieved through a request containing a %00 encoded null byte...