129 matches found
SAP Crystal Reports 2008 Directory Traversal
SAP Crystal Reports is a business intelligence application which is used to design and generate reports from various data sources. These sources include databases, spreadsheets, text files, XML files, etc. SAP Crystal Reports installation includes Tomcat Web server and various servlet components ...
CVE-2009-5000
Multiple cross-site scripting XSS vulnerabilities in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages...
Adobe JRun 4 Server File Disclosure (CVE-2004-0928)
Adobe JRun is an application server used to deploy J2EE Java 2 Enterprise Edition applications, JSPs Java Server Pages, and other Java applications. It can be used as a stand-alone web server or can be accessed through other web servers including IIS and Apache. With IIS, JRun can be registered t...
tomcat examples jsp XSS
Multiple cross-site scripting XSS vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...
tomcat manager example DoS
Multiple cross-site scripting XSS vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 el/functions.jsp, 2 el/implicit-objects.jsp, and 3 jspx/textRotate.jspx in examples/jsp2/, as demonstrated via...
tomcat XSS in example webapps
Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...
tomcat5 security update
CentOS Errata and Security Advisory CESA-2007:0871 Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java...
Moderate: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java Servlet and Java Server Pages technologies. Tomcat...
tomcat examples jsp XSS
Multiple cross-site scripting XSS vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via...
tomcat manager example DoS
Multiple cross-site scripting XSS vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 el/functions.jsp, 2 el/implicit-objects.jsp, and 3 jspx/textRotate.jspx in examples/jsp2/, as demonstrated via...
CVE-2005-4805
Technical details about CVE-2005-4805 are not publicly available in the provided documents; no specifics on affected product versions, vectors, or fixes are provided. Monitor for updates.
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages JSP in the 1 test/jsp, 2 samples/jsp and 3 examples/jsp directories, or the 4...
CVE-2005-1112
IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages .jsp via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the...
CVE-2005-0425
Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages .jsp via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine...
CVE-2005-1112
IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages .jsp via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the...
CVE-2005-0425
Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages .jsp via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine...
[SA14274] IBM WebSphere Application Server JSP Source Code Disclosure
TITLE: IBM WebSphere Application Server JSP Source Code Disclosure SECUNIA ADVISORY ID: SA14274 VERIFY ADVISORY: http://secunia.com/advisories/14274/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: IBM WebSphere Application Server 6.x...
IBM WebSphere Java Server Pages (JSP) source code leak
No description provided...
Integrigy Security Alert - Oracle E-Business Suite AOL/J Setup Test Information Disclosure
Integrigy Security Alert Oracle E-Business Suite AOL/J Setup Test Information Disclosure July 23, 2003 Summary: The Oracle Applications AOL/J Setup Test Suite, used to trouble-shoot the Self-Service framework, can be exploited to remotely retrieve sensitive configuration and host information...
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages JSP in the 1 test/jsp, 2 samples/jsp and 3 examples/jsp directories, or the 4...