9841 matches found
CVE-2005-1383
The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server modaccess restrictions via a request to the webcache TCP port 7778...
CVE-2005-1383
The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server modaccess restrictions via a request to the webcache TCP port 7778...
CVE-2005-1383
The CVE-2005-1383 issue affects Oracle Application Server’s Oracle HTTP Server (OHS) when UseWebCacheIP is disabled. An attacker can bypass mod_access restrictions by sending a request to the webcache TCP port 7778, leading to unauthorized access to protected resources. Connected advisories confi...
CVE-2005-0742
Cross-site scripting XSS vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
CVE-2005-1112
IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages .jsp via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the...
Oracle Application Server Webcache Requests OHS mod_access Restriction Bypass
The version of Oracle HTTP Server OHS installed on the remote host fails to prevent users from accessing protected URLs by using the Web Cache rather than OHS directly. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18181; scriptversion"1.17";...
Oracle Application Server 9i Webcache - Arbitrary File Corruption
Oracle Application Server 9i Webcache - Arbitrary File Corruption source: https://www.securityfocus.com/bid/13420/info Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain paramete...
Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting
Oracle Application Server 9i - Webcache Cachedumpfile Cross-Site Scripting source : https://www.securityfocus.com/bid/13421/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application ...
Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass
Oracle Application Server 9.0 - HTTP Service ModAccess Restriction Bypass source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. Th...
IBM WebSphere Application Server crossite scripting
Crossite scripting with error pages...
BEA application server Admin console crossite scripting
Crossite scripting with http://server:8001/console/actions/jndi/JndiFramesetAction/...
Append file in Oracle Webcache 9i
Name Append file vulnerability in Oracle Webcache 9i Systems Affected Oracle Application Server with Webcache 9i Severity Medium Risk Category Corruption of files Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 2005 V 1.00 Advisory...
Oracle Application Server Web Cache OHS mod_access Authentication Bypass
Binary data 2866.prm...
Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting
Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting source: https://www.securityfocus.com/bid/13422/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the...
Oracle Application Server 9i Webcache - Arbitrary File Corruption
source: https://www.securityfocus.com/bid/13420/info Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain parameter value, allowing an attacker to construct a URI that contains an...
Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting
source : https://www.securityfocus.com/bid/13421/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamical...
Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass
source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. This is accomplished using 'modaccess'. A URI that is listed is not supposed...
Cross Site Scripting in Oracle Webcache 9i
Name Cross Site Scripting in Oracle Webcache 9i Systems Affected Oracle Application Server with Webcache 9i Severity Low Risk Category Cross Site Scripting Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 2005 V 1.00 Advisory AKSEC2003-011 Ti...
Webcache Client Requests bypasses OHS mod_access restrictions
Name Webcache Client Requests bypasses OHS modaccess Restrictions Systems Affected Oracle Application Server - OHS 1.0.2 - 10.x Severity Low Risk Category Bypass protected URLs via Webcache Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 200...
CVE-2005-1112
The vulnerability CVE-2005-1112 affects IBM WebSphere Application Server 6.0 and earlier when the web server shares its document root. An HTTP request with an invalid/ nonexistent Host header causes the request to be processed by the web server instead of the JSP engine, allowing remote attackers...