8 matches found
EUVD-2008-2578
Malware in sbrugna...
EUVD-2005-4544
Malware in sbrugna...
CVE-2008-2583
CVE-2008-2583 affects Oracle Portal’s sample Discussion Forum Portlet (Oracle Application Server 10g). The vulnerability resides in the Discussion Forum Portlet distributed via OTN prior to 20080715, enabling remote exploitation over a network with unknown impact per the initial description, but ...
CVE-2005-4550
The PORTAL schema in Oracle Application Server OracleAS Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a dfnextpage parameter with a trailing null byte %00...
CVE-2005-4549
CVE-2005-4549 describes a cross-site scripting (XSS) vulnerability in the Oracle Application Server (OracleAS) Discussion Forum Portlet. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the RowKeyValue parameter in the PORTAL schema and the title and content fi...
CVE-2005-4550
CVE-2005-4550 affects the PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet. The vulnerability allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter that can contain a trailing null byte (%00). This is caused ...
[Full-disclosure] SEC Consult SA-20051223-1 :: File Disclosure using df_next_page parameter in OracleAS Discussion Forum Portlet
SEC Consult Security Advisory 20051223-1 ======================================================================== title: File Disclosure using dfnextpage parameter in OracleAS Discussion Forum Portlet program: OracleAS Discussion Forum Portlet vulnerable version: Version of May 2005 homepage:...
[Full-disclosure] SEC Consult SA-20051223-0 :: Multiple Cross Site Scripting Vulnerabilities in OracleAS Discussion Forum Portlet
SEC Consult Security Advisory 20051223-0 ======================================================================== title: Multiple Cross Site Scripting Vulnerabilities in OracleAS Discussion Forum Portlet program: OracleAS Discussion Forum Portlet vulnerable version: Version of May 2005 homepage:...