Lucene search
+L

257 matches found

cvelist
cvelist
added 2006/10/18 1:0 a.m.24 views

CVE-2006-5361

Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln OC4J03...

9.1AI score0.0231EPSS
Exploits0References8
cve
cve
added 2006/10/18 1:0 a.m.63 views

CVE-2006-5364

Technical details for CVE-2006-5364 are not publicly available in the provided documents; monitor for updates from official advisories.

2.1CVSS8.7AI score0.01312EPSS
Exploits0References8Affected Software2
cve
cve
added 2006/10/18 1:0 a.m.68 views

CVE-2006-5356

Technical details for CVE-2006-5356 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.

10CVSS9.1AI score0.0231EPSS
Exploits0References8Affected Software2
cve
cve
added 2006/10/18 1:0 a.m.73 views

CVE-2006-5361

Technical details for CVE-2006-5361 are not publicly provided in the supplied documents; monitor for updates.

10CVSS9.1AI score0.0231EPSS
Exploits0References8Affected Software2
cvelist
cvelist
added 2006/10/18 1:0 a.m.25 views

CVE-2006-5356

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln OC4J02...

9.1AI score0.0231EPSS
Exploits0References8
cvelist
cvelist
added 2006/10/18 1:0 a.m.22 views

CVE-2006-5364

Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.1 and 10.1.2.0.2, and Collaboration Suite 10.1.2, has unknown impact and remote authenticated attack vectors, aka Vuln OC4J05...

8.7AI score0.01312EPSS
Exploits0References8
seebug
seebug
added 2006/08/17 12:0 a.m.18 views

Apache Geronimo跨站脚本和HTML注入漏洞

BUGTRAQ ID: 16260 Apache Geronimo是Apache软件基金会的开放源码J2EE服务器。 Apache Geronimo由于没有正确的验证用户输入,导致Geronimo中存在跨站脚本和HTML注入漏洞,远程攻击者可以利用这些漏洞执行任意代码或窃取敏感信息。 Apache Group Geronimo 1.0 Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
packetstorm
packetstorm
added 2006/05/22 12:0 a.m.45 views

sa-caucho.txt

ScanAlert Security Advisory http://www.scanalert.com Caucho Resin Multiple Vulnerabilities - Arbitrary File Access & Information Disclosure Date: 5/16/06 Vendor: Caucho Package: Resin Version: 3.0.17 and 3.0.18 – Vendor Confirmed Credit: ScanAlert’s Security and Enterprise Services Teams. Risk:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/12/17 12:0 a.m.38 views

EPiX™ Search query XSS vuln.

EPiX™ Search query XSS vuln. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/epix-search-query-xss-vuln.html vendor:http://www.go-epix.net/ affected version:3.1.2 and prior Product Description: EPIX is a low cost portal solution with CMS...

6AI score
Exploits0
nvd
nvd
added 2005/11/02 11:3 a.m.21 views

CVE-2005-3449

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln 1 AS02 in Containers for J2EE, 2 AS07 in Internet Directory, 3 AS09 in Report Server, and 4 AS11 in Web Cache...

10CVSS6.5AI score0.05751EPSS
Exploits0References7
cve
cve
added 2005/08/16 4:0 a.m.53 views

CVE-2004-2331

Summary of CVE-2004-2331 (ColdFusion MX 6.1 / 6.1 J2EE): Local users could bypass sandbox security and access sensitive information by using Java reflection to reach trusted Java objects without invoking CreateObject or the cfobject tag. The issue affects ColdFusion MX 6.1 and ColdFusion MX 6.1 J...

5.5CVSS6.6AI score0.00673EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2005/04/21 4:0 a.m.26 views

CVE-2004-0928

The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm"...

6.7AI score0.04075EPSS
Exploits0References9
cve
cve
added 2005/04/21 4:0 a.m.78 views

CVE-2004-0928

The CVE-2004-0928 family affects Adobe JRun 4.x servers (and ColdFusion MX 6.0/6.1/J2EE) when running with IIS, where a crafted request ending in ";.cfm" can bypass authentication and disclose script/source content (e.g., .asp, .pl, .php). Connected advisories describe URL handling flaws that tri...

5CVSS6.9AI score0.04075EPSS
Exploits0References9Affected Software4
nessus
nessus
added 2005/04/14 12:0 a.m.15 views

Oracle Application Server J2EE Container Detection

Binary data 2831.prm...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2004/01/20 12:0 a.m.33 views

J2EE code execution

It's possible to execute external application in SQL request to pointbase database...

2.6AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2003/12/17 12:0 a.m.108 views

J2EE 1.4 reference implementation: database component allows remote code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Illegalaccess.org security advisory i/12-2003 www.illegalaccess.org J2EE 1.4 reference implementation: database component allows remote code execution Brief ===== Product : J2EE reference implementation java.sun.com/j2ee/download.html Component :...

8.9AI score
Exploits0
nessus
nessus
added 2002/07/01 12:0 a.m.787 views

Multiple Server Crafted Request WEB-INF Directory Information Disclosure

By making a specially-formatted request to the remote web server, it is possible to retrieve files located under the 'WEB-INF' directory. Note that this vulnerability is known to affect the Win32 versions of multiple J2EE servlet containers / application servers. %NASLMINLEVEL 70300 This script w...

5CVSS7.3AI score0.04534EPSS
Exploits0References7
Rows per page
Query Builder