Lucene search
+L

81 matches found

securityvulns
securityvulns
added 2013/07/19 12:0 a.m.28 views

Sybase EAServer multiple security vulnerabilities

Directory traversal, XML injection, shell characters injection...

3AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/07/03 12:0 a.m.38 views

EAServer <= 6.3.1 Multiple Vulnerabilities

Binary data 6902.prm...

10CVSS7.3AI score0.34012EPSS
Exploits34References24
Tenable Nessus
Tenable Nessus
added 2013/07/03 12:0 a.m.40 views

Sybase EAServer 6.x < 6.3.1 ESD#3 Multiple Code Execution Vulnerabilities

The version of Sybase EAServer installed on the remote host is 6.x prior to 6.3.1 ESD3. It is, therefore, potentially affected by multiple code execution vulnerabilities in the handling of login packets. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

6.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/06/28 12:0 a.m.13 views

Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities

Binary data 6895.prm...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.16 views

Sybase EAServer Detect

Sybase EAServer, an application server, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid67006; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Sybase EAServer Detect"; scriptsummaryenglish:"Checks for Sybase...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/27 12:0 a.m.39 views

Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 6.2.0.12 Build 62012 Multiple Vulnerabilities

The version of Sybase EAServer installed on the remote host is 6.3.1 earlier than 6.3.1.07 Build 63107 or 6.2 earlier than 6.2.0.12 Build 62012. As such, it is potentially affected by multiple vulnerabilities : - An unspecified error can be exploited to access otherwise inaccessible, deployed...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/21 12:0 a.m.17 views

EAServer <= 6.3.1 / 6.2 Multiple Vulnerabilities

Binary data 6935.prm...

7.3AI score
Exploits0References2
NVD
NVD
added 2012/08/15 9:55 p.m.13 views

CVE-2012-4340

Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00931EPSS
Exploits0References2
Prion
Prion
added 2012/08/15 9:55 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2012/08/15 9:0 p.m.50 views

CVE-2012-4340

CVE-2012-4340 is an XSS vulnerability in Sybase EAServer before version 6.1. The issue allows remote attackers to execute arbitrary web script or HTML via unspecified vectors. Connected sources confirm the affected product (Sybase EAServer) and the vulnerability class (XSS), with typical impact b...

4.3CVSS5.8AI score0.00931EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2012/08/15 9:0 p.m.24 views

CVE-2012-4340

Cross-site scripting XSS vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00931EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/05/25 6:34 a.m.6 views

Sybase EAServer vulnerable to cross-site scripting

Overview EAServer contains a cross-site scripting vulnerability. EAServer provided by Sybase is an application server. EAServer contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/05/25 12:0 a.m.20 views

JVN#47662377: Sybase EAServer vulnerable to cross-site scripting

EAServer provided by Sybase is an application server. EAServer contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer...

6.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/04/25 12:0 a.m.30 views

Sybase EAServer Directory Traversal Vulnerability

Sybase EAServer is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks...

5CVSS6.5AI score0.63612EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2012/04/25 12:0 a.m.40 views

Sybase EAServer Directory Traversal Vulnerability - Active Check

Sybase EAServer is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5CVSS6.5AI score0.63612EPSS
Exploits2References4
Metasploit
Metasploit
added 2012/01/06 8:24 p.m.41 views

Sybase Easerver 6.3 Directory Traversal

This module exploits a directory traversal vulnerability found in Sybase EAserver's Jetty webserver on port 8000. Code execution seems unlikely with EAserver's default configuration unless the web server allows WRITE permission. This module requires Metasploit: https://metasploit.com/download...

5CVSS0.63612EPSS
Exploits2
NVD
NVD
added 2011/06/09 9:55 p.m.20 views

CVE-2011-2474

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.../../\ sequence in a path...

5CVSS6.5AI score0.63612EPSS
Exploits2References1
Prion
Prion
added 2011/06/09 9:55 p.m.22 views

Directory traversal

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.../../\ sequence in a path...

5CVSS7AI score0.63612EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2011/06/09 9:0 p.m.27 views

CVE-2011-2474

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.../../\ sequence in a path...

6.5AI score0.63612EPSS
Exploits2References1
CVE
CVE
added 2011/06/09 9:0 p.m.68 views

CVE-2011-2474

CVE-2011-2474 affects Sybase EAServer 6.3.1 Developer Edition (HTTP Server). The vulnerability is a directory traversal issue that allows remote attackers to read arbitrary files by sending a path containing a /.../ sequence. The published CVSS base score in NVD is 5.0 (Medium) with network acces...

5CVSS6.7AI score0.63612EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder