Lucene search
K

303 matches found

CNVD
CNVD
added 2018/10/17 12:0 a.m.7 views

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2019-38557)

Oracle Fusion Middleware is a digital business platform for enterprise and cloud computing, and Oracle GlassFish Server is an implementation of the Java Platform Enterprise Edition Java EE 6 specification that provides a flexible, lightweight, production-ready Java EE 6 application server. An...

7.5CVSS8.1AI score0.02025EPSS
Exploits0References1
0day.today
0day.today
added 2018/08/14 12:0 a.m.73 views

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This...

4CVSS7.8AI score0.99479EPSS
Exploits9
exploitpack
exploitpack
added 2018/08/14 12:0 a.m.75 views

Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)

Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE:...

0.1AI score0.99479EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.120 views

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This module exploits an unauthenticated directory traversal...

7.5CVSS7.4AI score0.99479EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.82 views

Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)

Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE: 2017-1000028 This module requires Metasploit:...

7.5CVSS7.4AI score0.99479EPSS
Exploits7
Packet Storm
Packet Storm
added 2018/08/13 12:0 a.m.81 views

Oracle GlassFish Server 4.1 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This module exploits an unauthenticated directory traversal...

5CVSS0.4AI score0.99479EPSS
Exploits7
Metasploit
Metasploit
added 2018/07/31 12:29 p.m.88 views

Path Traversal in Oracle GlassFish Server Open Source Edition

This module exploits an unauthenticated directory traversal vulnerability which exists in administration console of Oracle GlassFish Server 4.1, which is listening by default on port 4848/TCP. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.1AI score0.99479EPSS
Exploits7
OpenVAS
OpenVAS
added 2018/07/17 12:0 a.m.71 views

Oracle GlassFish 5.0 Demo Feature Default Credentials Vulnerability

Oracle GlassFish Server is using default credentials for the demo feature. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS9.6AI score0.04343EPSS
Exploits0References2
Prion
Prion
added 2018/07/16 6:29 p.m.22 views

Design/Logic Flaw

The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a...

10CVSS9AI score0.04343EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2018/07/16 6:29 p.m.29 views

CVE-2018-14324

The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a...

10CVSS7.2AI score0.04343EPSS
Exploits0References2
NVD
NVD
added 2018/07/16 6:29 p.m.22 views

CVE-2018-14324

The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a...

10CVSS9.2AI score0.04343EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/16 6:0 p.m.21 views

CVE-2018-14324

The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a...

9.2AI score0.04343EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/07/16 6:0 p.m.39 views

CVE-2018-14324

Removed by vendor...

10CVSS9.5AI score0.04343EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/06/19 12:0 a.m.959 views

Oracle GlassFish Server URL normalization Denial of Service

The instance of Oracle GlassFish Server running on the remote host is affected by an authenticated and unauthenticated denial of service vulnerability. The vulnerability is a result of an infinite loop in the normalize method in com.sun.jsftemplating.util.fileStreamer.ResourceContentSource. A...

5.6AI score
Exploits0References1
CNVD
CNVD
added 2018/06/13 12:0 a.m.2 views

Oracle Sun GlassFish Enterprise Server CSRF Vulnerability

Oracle GlassFish Enterprise Server is an open source and open community platform for building and deploying next-generation applications and services. A CSRF vulnerability exists in Oracle Sun GlassFish Enterprise Server, which can be exploited by an attacker to steal user information...

6.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/05/30 12:0 a.m.389 views

Oracle GlassFish Server Path Traversal

The instance of Oracle GlassFish Server running on the remote host is affected by an authenticated and unauthenticated path traversal vulnerability. Remote attacker can exploit this issue, via a specially crafted HTTP request, to access arbitrary files on the remote host. C Tenable Network...

7.5CVSS7.8AI score0.99479EPSS
Exploits7References2
NVD
NVD
added 2017/10/19 5:29 p.m.20 views

CVE-2017-10400

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration Graphical User Interface. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

5.8CVSS4.5AI score0.01212EPSS
Exploits0References3
OSV
OSV
added 2017/10/19 5:29 p.m.4 views

CVE-2017-10400

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration Graphical User Interface. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

5.4CVSS5.8AI score0.01212EPSS
Exploits0References3
NVD
NVD
added 2017/10/19 5:29 p.m.22 views

CVE-2017-10393

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...

6.8CVSS5.8AI score0.0121EPSS
Exploits0References3
OSV
OSV
added 2017/10/19 5:29 p.m.5 views

CVE-2017-10385

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 3.0.1 and 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish...

6.3CVSS7.3AI score0.0121EPSS
Exploits0References3
Rows per page
Query Builder