Lucene search
K

257 matches found

NVD
NVD
added 2016/02/16 3:59 p.m.16 views

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

9.8CVSS9.9AI score0.7106EPSS
Exploits8References8
Vulnrichment
Vulnrichment
added 2016/02/16 3:0 p.m.10 views

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

9.9AI score0.7106EPSS
Exploits8References7
CVE
CVE
added 2016/02/16 3:0 p.m.1037 views

CVE-2016-2386

CVE-2016-2386 affects SAP NetWeaver J2EE Engine 7.40, specifically the UDDI server. The vulnerability is a SQL injection that allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with exploitation attempts documented in PoCs and exploits targeting the UDDI interface ...

9.8CVSS9.8AI score0.7106EPSS
In wildExploits8References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2016/02/16 12:0 a.m.40 views

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS7.6AI score0.7106EPSS
In wildExploits8References12
Fedora
Fedora
added 2015/11/01 10:22 p.m.41 views

[SECURITY] Fedora 21 Update: springframework-3.2.15-1.fc21

Spring is a layered Java/J2EE application framework, based on code publishe d in Expert One-on-One J2EE Design and Development by Rod Johnson Wrox, 2002...

9.6CVSS1.4AI score0.0257EPSS
Exploits1
Fedora
Fedora
added 2015/11/01 9:55 p.m.34 views

[SECURITY] Fedora 22 Update: springframework-3.2.15-1.fc22

Spring is a layered Java/J2EE application framework, based on code publishe d in Expert One-on-One J2EE Design and Development by Rod Johnson Wrox, 2002...

9.6CVSS1.4AI score0.0257EPSS
Exploits1
Fedora
Fedora
added 2015/11/01 2:58 a.m.41 views

[SECURITY] Fedora 23 Update: springframework-3.2.15-1.fc23

Spring is a layered Java/J2EE application framework, based on code publishe d in Expert One-on-One J2EE Design and Development by Rod Johnson Wrox, 2002...

9.6CVSS1.4AI score0.0257EPSS
Exploits1
n0where
n0where
added 2015/10/22 9:5 p.m.16 views

Deliberately Insecure Web Application: OWASP WebGoat

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat in either J2EE or WebGoat for .Net in ASP.NET. In each lesson, users must demonstrate their understanding of a security issue by...

7.5AI score
Exploits0References3
CNVD
CNVD
added 2015/09/23 12:0 a.m.5 views

SAP NetWeaver J2EE Engine BP_FIND_JOBS_WITH_PROGRAM Function Module SQL Injection Vulnerability

SAP NetWeaver J2EE Engine is a service-oriented SAP SAP company's integrated application platform J2EE engine. BPFINDJOBSWITHPROGRAM function is one of the find the request for the specified program module. A SQL injection vulnerability exists in the BPFINDJOBSWITHPROGRAM function module in SAP...

7.5CVSS8.3AI score0.0218EPSS
Exploits1References1
Prion
Prion
added 2015/09/18 2:59 p.m.13 views

Sql injection

SQL injection vulnerability in the BPFINDJOBSWITHPROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.0218EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2015/09/18 2:0 p.m.60 views

CVE-2015-7239

CVE-2015-7239 concerns a SQL injection vulnerability in the SAP NetWeaver J2EE Engine 7.40, specifically in the BP_FIND_JOBS_WITH_PROGRAM function module. The issue allows a remote attacker to execute arbitrary SQL commands through unspecified vectors. Public references (ERPScan advisory ERPSCAN-...

7.5CVSS8.6AI score0.0218EPSS
Exploits1References4Affected Software1
Fedora
Fedora
added 2015/07/16 2:35 a.m.28 views

[SECURITY] Fedora 21 Update: springframework-3.2.14-1.fc21

Spring is a layered Java/J2EE application framework, based on code publishe d in Expert One-on-One J2EE Design and Development by Rod Johnson Wrox, 2002...

5.5CVSS1.4AI score0.02555EPSS
Exploits0
seebug.org
seebug.org
added 2015/02/02 12:0 a.m.23 views

欧朋浏览器之广告主后台敏感信息泄漏漏洞(泄漏内容证明)

简要描述: J2EE架构安全 详细说明: 泄漏点: http://59.151.113.225/WEB-INF/web.xml http://59.151.113.225/WEB-INF/spring/webmvc-config.xml 漏洞证明: Spring+Freemaker 反编译class文件...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/01/29 12:0 a.m.35 views

欧朋浏览器多站配置不当泄漏敏感信息

简要描述: J2EE架构安全 详细说明: 关于WEB-INF WEB-INF是Java的WEB应用的安全目录。所谓安全就是客户端无法访问,只有服务端可以访问的目录。 WEB-INF目录下的敏感目录及文件: classes目录(包含该应用核心的java类编译后的class文件及部分配置文件) lib目录(所用框架、插件或组件的架包) web.xml(重要的配置文件) 泄漏点1. http://59.151.113.213/WEB-INF/web.xml http://59.151.113.213/WEB-INF/spring/webmvc-config.xml...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/27 12:0 a.m.186 views

Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2015 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities in the Web Listener subcomponent : - An integer overflow condition exists in libxml2 within file xpath.c, related to XPath expressions when adding a new namespace note. An unauthenticated, remot...

9.3CVSS8.2AI score0.95707EPSS
Exploits20References16
NVD
NVD
added 2015/01/21 6:59 p.m.18 views

CVE-2015-0372

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors...

5CVSS5.8AI score0.02163EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2015/01/21 6:59 p.m.2 views

CVE-2015-0372

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors...

5CVSS5.6AI score0.02163EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/01/21 6:0 p.m.20 views

CVE-2015-0372

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality via unknown vectors...

6.7AI score0.02163EPSS
Exploits0References4
CVE
CVE
added 2015/01/21 6:0 p.m.51 views

CVE-2015-0372

Technical details for CVE-2015-0372 are not publicly available in the provided documents; no affected product/version or root cause is specified here. Monitor for updates.

5CVSS6.7AI score0.02163EPSS
Exploits0References4Affected Software1
erpscan
erpscan
added 2015/01/09 12:0 a.m.15 views

SAP NetWeaver 7.4 (Pmitest servlet) - XSS vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: http://www.sap.com Bugs: XSS Reported: 01.09.2015 Vendor response: 02.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2234918 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...

0.2AI score
Exploits0
Rows per page
Query Builder