303 matches found
Code injection
UNSUPPORTED WHEN ASSIGNED Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most...
CVE-2021-3314
Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for...
PT-2021-20055 · Oracle · Oracle Glassfish Server
Name of the Vulnerable Software and Affected Versions: Oracle GlassFish Server versions 3.1.2.18 and below Description: The issue allows a malicious user to cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the...
Oracle GlassFish Server 跨站脚本漏洞
Oracle GlassFish Server is an application from Oracle Corporation.Oracle GlassFish Server is built using the GlassFish Server Open Source Edition to provide a flexible, lightweight, and production-ready Java EE 6 application server. Oracle GlassFish Server suffers from a cross-site scripting...
Oracle GlassFish Server < 3.0.1.22 Multiple Vulnerabilities
According to its self-reported version number, the Oracle GlassFish Server running on the remote host is prior to 3.0.1.22. It is, therefore, affected by multiple vulnerabilities: - A local file inclusion vulnerability exists in Oracle GlassFish Server due to an insufficent level of user input...
Oracle Glassfish Installed (Windows)
Binary data oracleglassfishlocalwininstalled.nbin...
Oracle Glassfish Installed (Linux/UNIX)
Binary data oracleglassfishlocalnixinstalled.nbin...
The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform allows attackers to modify sensitive information or cause service failures.
The vulnerability of the Java Server Faces component of the Oracle GlassFish Server software platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify protected information or cause service failures...
Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)
According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, therefore, affected by multiple vulnerabilities: - A vulnerability could allow an Attacker with unauthenticated network access to compromise Oracle GlassFish Server....
FreeBSD : payara -- Multiple vulnerabilities (d70c9e18-f340-11e8-be46-0019dbb15b3f)
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution. Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability...
CVE-2018-3152
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
CVE-2018-3152
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
CVE-2018-2911
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
Buffer overflow
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
Buffer overflow
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
CVE-2018-3210
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
CVE-2018-3152
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
CVE-2018-2911
Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...
Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38557)
Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...
Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38558)
Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...