
43 matches found

CNNVD
added 2021/09/09 12:0 a.m., 4 views

Jeesns Cross-Site Scripting Vulnerability

JEESNS is a social management system developed on the Java enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in published articles...

CVSS 5.4, AI score 6, EPSS 0.0054
Exploits 1, References 2
CNNVD
added 2021/09/09 12:0 a.m., 5 views

JEESNS Cross-Site Scripting Vulnerability

JEESNS is a social management system developed on the Java enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the header...

CVSS 5.4, AI score 6, EPSS 0.00639
Exploits 1, References 3
CNNVD
added 2021/08/12 12:0 a.m., 5 views

J2eeFAST SQL Injection Vulnerability

J2eeFAST is a Java EE enterprise-class rapid development platform that is committed to building the best small and medium-sized open source free backend framework platform. J2eeFAST 2.2.1 suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL...

CVSS 9.8, AI score 8.7, EPSS 0.0134
Exploits 1, References 2
CNVD
added 2020/07/15 12:0 a.m., 6 views

Oracle WebLogic Server Remote Code Execution Vulnerability (CNVD-2020-38878)

WebLogic is an application server produced by Oracle and a middleware based on the Java EE architecture. WebLogic is a Java application server used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications. A remote cod...

CVSS 9.8, AI score 9.7, EPSS 0.46208
Exploits 3, References 1
OSV
added 2020/06/29 6:15 p.m., 6 views

CVE-2018-6446

A vulnerability in Brocade Network Advisor versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using undocumented user credentials and install additional JEE applications...

CVSS 9.8, AI score 5.8, EPSS 0.0134
Exploits 0, References 1
CNVD
added 2020/06/28 12:0 a.m., 1 views

Jeesite has an XSS vulnerability

JeeSite is an enterprise information technology development infrastructure platform and an open source framework for Java enterprise applications. Jeesite has an XSS vulnerability that can be exploited by an attacker to obtain an administrator cookie...

AI score 6.2
Exploits 0
CNVD
added 2020/02/17 12:0 a.m., 2 views

IBM WebSphere Application Server Memory Corruption Vulnerability

IBM WebSphere Application Server (WAS) is an application server product from IBM in the United States. The product is a platform for Java EE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server has a memory corruption vulnerability. N...

CVSS 7.2, AI score 6.9, EPSS 0.01551
Exploits 0, References 1
CNVD
added 2019/05/14 12:0 a.m., 1 views

XSS Vulnerability in JEESNS Microblog Comments

JEESNS is an open source social management system developed on the Java enterprise-level platform. An XSS vulnerability exists in JEESNS microblog comments; an attacker can use the vulnerability to inject arbitrary Web script or HTML...

AI score 6.4
Exploits 0
CNVD
added 2019/05/14 12:0 a.m., 2 views

XSS Vulnerability in JEESNS Group Posts

JEESNS is an open source social management system developed on the Java enterprise-level platform. An XSS vulnerability exists in JEESNS group posts; an attacker can exploit it to inject arbitrary Web script or HTML...

AI score 6.4
Exploits 0
CNVD
added 2018/09/06 12:0 a.m., 8 views

Red Hat WildFly IIOP OpenJDK Subsystem Unauthorized Operation Vulnerability

Red Hat WildFly (formerly known as JBoss Application Server) is a Java EE-based open source application server from Red Hat in the United States. The IIOP OpenJDK subsystem is one of its Java-based subsystems. A security vulnerability exists in the IIOP OpenJDK subsystem in Red Hat WildFly versions prior...

CVSS 5.9, AI score 5.8, EPSS 0.01112
Exploits 0, References 1
CNVD
added 2018/01/04 12:0 a.m., 11 views

Primetek Primefaces Remote Code Execution Vulnerability

Primetek Primefaces is an open source UI library for use in Java EE systems. A remote code execution vulnerability exists in version 5.x of Primetek Primefaces. A remote attacker could exploit this vulnerability to execute code...

CVSS 9.8, AI score 8.3, EPSS 0.94104
Exploits 6, References 1
CNVD
added 2017/07/10 12:0 a.m., 1 views

Arbitrary File Download Vulnerability in javaee Forum System

javaee forum system is a free, open source javaee forum source code system developed using the springMVC and mybatis frameworks. javaee forum system has an arbitrary file download vulnerability: an attacker can forge the file path in the request to download the site configuration or system...

AI score 7.2
Exploits 0
CNVD
added 2017/03/28 12:0 a.m., 2 views

Redhat Wildfly Denial of Service Vulnerability

Red Hat WildFly (formerly known as JBoss Application Server) is a Java EE-based open source application server from the U.S. company Red Hat. A denial of service vulnerability exists in Red Hat WildFly. An attacker could exploit this vulnerability to cause a denial of service...

CVSS 7.5, AI score 6.7, EPSS 0.03133
Exploits 0, References 1
CNVD
added 2017/01/20 12:0 a.m., 2 views

Oracle GlassFish Server Remote Security Vulnerability (CNVD-2017-00928)

Oracle GlassFish Server is a solution from Oracle in the United States that implements the Java Platform, Java EE 6 specification. The program provides a flexible, lightweight and ready-to-use Java EE 6 application server for developing applications. A remote security vulnerabilit...

CVSS 7.5, AI score 6.9, EPSS 0.01376
Exploits 0, References 1
CNVD
added 2016/11/14 12:0 a.m., 3 views

Redhat JBoss Enterprise Application Platform Information Disclosure Vulnerability

Red Hat JBoss Enterprise Application Platform (EAP) is an open source, J2EE-based middleware platform from Red Hat, Inc. that builds, deploys, and hosts Java applications and services. WildFly is an open source application server based on Java EE. WildFly is an open source application server based on...

CVSS 6.5, AI score 6.2, EPSS 0.01766
Exploits 0, References 1
CNVD
added 2016/03/25 12:0 a.m., 5 views

Red Hat Wildfly Information Disclosure Vulnerability

Red Hat WildFly (formerly known as JBoss Application Server) is a Java EE-based open source application server from the U.S. company Red Hat. An information disclosure vulnerability exists in Red Hat WildFly. An attacker could exploit this vulnerability to bypass filter restrictions...

CVSS 7.5, AI score 6.2, EPSS 0.15572
Exploits 3, References 1
CNVD
added 2015/06/26 12:0 a.m., 1 views

ZvingSoft SQL Injection Vulnerability

ZvingSoft ZCMS is an enterprise-level web content management system (CMS) based on J2EE technology and AJAX technology. ZvingSoft ZCMS suffers from a SQL injection vulnerability that could be exploited by remote attackers to submit specially crafted SQL queries to manipulate or obtain databas...

AI score 8.1
Exploits 0, References 1
CNVD
added 2015/03/12 12:0 a.m., 5 views

WebGate Control Center Multiple Control Buffer Overflow Vulnerability

WebGate is an APM solution for real-time monitoring and performance management of business-critical systems based on J2EE architecture. A buffer overflow vulnerability exists in multiple controls in WebGate Control Center, which allows attackers to exploit the vulnerability to build malicious web...

CVSS 8.8, AI score 8.2, EPSS 0.1407
Exploits 2, References 1
CNVD
added 2015/01/22 12:0 a.m., 2 views

Unspecified Vulnerability in Oracle Containers for J2EE

Oracle Containers for J2EE is a lightweight SOA container. A security vulnerability exists in Oracle Containers for J2EE that could be exploited by remote attackers to compromise system confidentiality...

CVSS 5, AI score 6.8, EPSS 0.02163
Exploits 0, References 1
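seebug.org
added 2014/03/10 12:0 a.m., 139 views

Apache Struts ClassLoader Manipulation Vulnerability

CVE ID: CVE-2014-0094. Struts2 is a second-generation Java enterprise web application framework based on the Model-View-Controller (MVC) model. The application allows access to the "class" parameter, which maps directly to the "getClass()" method; this can be exploited to manipulate the ClassLoader used by the application server. Apache Struts 2.x. Vendor patch: Apache. The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://struts.apache.org/release/2.3.x/docs/s2-020.html...

CVSS 5, AI score 0.5, EPSS 0.99614
Exploits 7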