9852 matches found

Check Point Advisories
added 2009/04/30 12:00 a.m. | 4 views

Update Protection against Oracle Application Server BPEL Module Cross Site Scripting

Oracle Application Server is vulnerable to cross-site scripting due to lack of validation of user supplied data. Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The flaw may be exploited by attackers to execute arbitrary...

CVSS 5.5 | AI score 6.3 | EPSS 0.01018
Exploits: 1

Check Point Advisories
added 2009/04/27 12:00 a.m. | 7 views

Oracle BEA WebLogic IIS connector JSESSIONID Stack Buffer Overflow (CVE-2008-5457)

BEA WebLogic is a Java Application Server platform typically used as the platform for large enterprise web applications. Specifically, the vulnerability exists in the connector software for Apache HTTP server shipped with BEA WebLogic. BEA WebLogic Platform ships with a connector for Apache HTTP...

CVSS 10 | AI score 6.2 | EPSS 0.61309
Exploits: 12

Check Point Advisories
added 2009/04/24 12:00 a.m. | 1 view

Update Protection against Oracle Application Server 10g OPMN Service Format String Vulnerability

A vulnerability was reported in Oracle Application Server, a multi-platform solution for developing and deploying enterprise applications and web sites. The flaw is due to insufficient validation of the URI part of HTTP requests. Remote attackers could exploit this vulnerability by sending a...

CVSS 7.5 | AI score 7 | EPSS 0.07945
Exploits: 1

Prion
added 2009/04/17 2:30 p.m. | 15 views

Directory traversal

Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType...

CVSS 9.4 | AI score 7.2 | EPSS 0.35929
Exploits: 1 | References: 11 | Affected Software: 1

Prion
added 2009/04/17 2:30 p.m. | 18 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload application...

CVSS 6.8 | AI score 7.8 | EPSS 0.11059
Exploits: 2 | References: 7 | Affected Software: 1

Cvelist
added 2009/04/17 2:00 p.m. | 23 views

CVE-2008-5518

Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType...

AI score 7.8 | EPSS 0.35929
Exploits: 1 | References: 11

CVE
added 2009/04/17 2:00 p.m. | 85 views

CVE-2009-0039

Apache Geronimo Application Server CSRF vulnerabilities (CVE-2009-0039) affect the web administration console in Geronimo 2.1–2.1.3. The issue allows remote attackers to hijack administrator sessions and perform actions (e.g., change password, upload apps, Shutdown) via forgery. The CVE descripti...

CVSS 6.8 | AI score 7.9 | EPSS 0.11059
Exploits: 2 | References: 7 | Affected Software: 1

CVE
added 2009/04/17 2:00 p.m. | 76 views

CVE-2008-5518

CVE-2008-5518 corresponds to multiple directory traversal vulnerabilities in the Apache Geronimo Application Server 2.1–2.1.3 on Windows, affecting the web administration console. A remote attacker could upload files to arbitrary directories via traversal sequences in parameters for the Services/...

CVSS 9.4 | AI score 7.6 | EPSS 0.35929
Exploits: 1 | References: 11 | Affected Software: 1

Tenable Nessus
added 2009/04/17 12:00 a.m. | 27 views

IBM WebSphere Application Server < 6.1.0.23 Multiple Vulnerabilities

Binary data 4996.prm...

CVSS 10 | AI score 7.3 | EPSS 0.05979
Exploits: 1 | References: 11

Exploit DB
added 2009/04/16 12:00 a.m. | 25 views

Apache Geronimo 2.1.x - '/console/portal/' URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability - Multiple HTML-injection vulnerabilities - A cross-site request-forgery...

AI score 7.4
Exploits: 0

exploitpack
added 2009/04/16 12:00 a.m. | 12 views

Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)

Apache Geronimo 2.1.x - Cross-Site Request Forgery Multiple Admin Function source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site scripting vulnerability -...

AI score 0.9
Exploits: 0

exploitpack
added 2009/04/16 12:00 a.m. | 12 views

Apache Geronimo 2.1.x - consoleportalServerMonitoring Multiple Cross-Site Scripting Vulnerabilities

Apache Geronimo 2.1.x - consoleportalServerMonitoring Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34562/info Apache Geronimo Application Server is prone to multiple remote vulnerabilities: - Multiple directory-traversal vulnerabilities - A cross-site...

AI score 7
Exploits: 0

NVD
added 2009/04/15 10:30 a.m. | 21 views

CVE-2009-1011

Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented o...

CVSS 4.4 | AI score 5.7 | EPSS 0.00434
Exploits: 2 | References: 8

NVD
added 2009/04/15 10:30 a.m. | 25 views

CVE-2009-1008

Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010...

CVSS 4.4 | AI score 5.6 | EPSS 0.00419
Exploits: 1 | References: 7

Prion
added 2009/04/15 10:30 a.m. | 13 views

Format string

Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable...

CVSS 7.5 | AI score 7.4 | EPSS 0.07945
Exploits: 1 | References: 8 | Affected Software: 1

Prion
added 2009/04/15 10:30 a.m. | 13 views

Design/Logic Flaw

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407...

CVSS 4.3 | AI score 6.1 | EPSS 0.0294
Exploits: 1 | References: 6 | Affected Software: 1

Prion
added 2009/04/15 10:30 a.m. | 26 views

Design/Logic Flaw

Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010...

CVSS 4.4 | AI score 5.8 | EPSS 0.00419
Exploits: 2 | References: 7 | Affected Software: 2

NVD
added 2009/04/15 10:30 a.m. | 18 views

CVE-2009-0983

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-3407...

CVSS 4.3 | AI score 5.9 | EPSS 0.02665
Exploits: 1 | References: 6

NVD
added 2009/04/15 10:30 a.m. | 15 views

CVE-2009-0993

Unspecified vulnerability in the OPMN component in Oracle Application Server 10.1.2.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable...

CVSS 7.5 | AI score 6.8 | EPSS 0.07945
Exploits: 1 | References: 8

Prion
added 2009/04/15 10:30 a.m. | 21 views

Design/Logic Flaw

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0983 and CVE-2009-3407...

CVSS 4.3 | AI score 6.1 | EPSS 0.0294
Exploits: 1 | References: 6 | Affected Software: 1