Lucene search
K

318 matches found

securityvulns
securityvulns
added 2005/02/14 12:0 a.m.25 views

IBM WebSphere Java Server Pages (JSP) source code leak

No description provided...

1.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/07/25 12:0 a.m.39 views

Integrigy Security Alert - Oracle E-Business Suite AOL/J Setup Test Information Disclosure

Integrigy Security Alert Oracle E-Business Suite AOL/J Setup Test Information Disclosure July 23, 2003 Summary: The Oracle Applications AOL/J Setup Test Suite, used to trouble-shoot the Self-Service framework, can be exploited to remotely retrieve sensitive configuration and host information...

0.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.23 views

CVE-2002-2347

Cross-site scripting XSS vulnerability in Oracle Java Server Page OJSP demo files 1 hellouser.jsp, 2 welcomeuser.jsp and 3 usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field...

4.3CVSS5.4AI score0.01704EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-1822

IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page JSP...

5CVSS6.4AI score0.02096EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.20 views

CVE-2002-2007

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages JSP in the 1 test/jsp, 2 samples/jsp and 3 examples/jsp directories, or the 4...

5CVSS6.3AI score0.41399EPSS
Exploits1References10
NVD
NVD
added 2002/10/04 4:0 a.m.21 views

CVE-2002-0937

The Java Server Pages JSP engine in JRun allows web page owners to cause a denial of service engine crash on the web server via a JSP page that calls WPrinterJob.pageSetupnull,null...

5CVSS6.4AI score0.07399EPSS
Exploits1References3
NVD
NVD
added 2002/10/04 4:0 a.m.20 views

CVE-2002-0936

The Java Server Pages JSP engine in Tomcat allows web page owners to cause a denial of service engine crash on the web server via a JSP page that calls WPrinterJob.pageSetupnull,null...

5CVSS6.4AI score0.26849EPSS
Exploits1References7
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.22 views

CVE-2002-0936

The Java Server Pages JSP engine in Tomcat allows web page owners to cause a denial of service engine crash on the web server via a JSP page that calls WPrinterJob.pageSetupnull,null...

6.4AI score0.26849EPSS
Exploits1References7
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.20 views

CVE-2002-0937

The Java Server Pages JSP engine in JRun allows web page owners to cause a denial of service engine crash on the web server via a JSP page that calls WPrinterJob.pageSetupnull,null...

6.4AI score0.07399EPSS
Exploits1References3
exploitpack
exploitpack
added 2002/04/21 12:0 a.m.11 views

vqServer 1.9.x - CGI Demo Program Script Injection

vqServer 1.9.x - CGI Demo Program Script Injection source: https://www.securityfocus.com/bid/4573/info vqServer is a HTTP server implemented in Java. vqServer is available on any architecture supporting Java, including Linux and Microsoft Windows. Reportedly, numerous default CGI scripts included...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2001/11/29 12:0 a.m.36 views

JRun SSI Request Body Parsing

Vulnerable Products: JRun Java application server from Allaire. All current versions with latest security patches as of November 2001 are believed to be affected, including 2.3.3, 3.0, and 3.1. Impact: Revealing of source code to Java Server Pages, and other protected files inside the web root...

7.8AI score
Exploits0
NVD
NVD
added 2001/11/28 5:0 a.m.24 views

CVE-2001-0926

SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages .jsp and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an include statement...

5CVSS6.8AI score0.02469EPSS
Exploits0References4
exploitpack
exploitpack
added 2001/08/16 12:0 a.m.9 views

Jakarta Tomcat 3.x4.0 - Error Message Information Disclosure

Jakarta Tomcat 3.x4.0 - Error Message Information Disclosure source: https://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of th...

7.2AI score
Exploits0
CVE
CVE
added 2000/10/13 4:0 a.m.67 views

CVE-2000-0146

The CVE-2000-0146 issue affects the Java Server in Novell GroupWise Web Access Enhancement Pack. A remote attacker can cause a denial of service by sending an excessively long URL to the servlet, leading to availability impact. Connected sources corroborate a URL-length-based DoS vector (e.g., lo...

5CVSS6.6AI score0.06336EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2000/06/13 12:0 a.m.43 views

BEA WebLogic JSP showcode vulnerability

Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory BEA's WebLogic ---------------------------------------------------------------------- FS Advisory ID: FS-061200-2-BEA Release Date: June 12, 2000 Product: WebLogic Vendor: BEA Systems http://www.beasys.com...

Exploits0
Positive Technologies
Positive Technologies
added 2000/06/08 12:0 a.m.6 views

PT-2000-1437 · Bea · Bea Weblogic

Name of the Vulnerable Software and Affected Versions: BEA WebLogic versions 3.1.8 through 4.5.1 Description: The default configuration of the software allows a remote attacker to view the source code of a JSP program. This can be achieved by requesting a URL that provides the JSP extension in...

7.5CVSS6.8AI score0.02512EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2000/06/08 12:0 a.m.3 views

PT-2000-1435 · Ibm · Ibm Websphere Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere server version 3.0.2 Description: The issue allows a remote attacker to view the source code of a JSP program. This can be achieved by requesting a URL that provides the JSP extension in upper case. Recommendations: For IBM...

7.5CVSS6.6AI score0.03066EPSS
Exploits0References6
NVD
NVD
added 2000/02/07 5:0 a.m.23 views

CVE-2000-0146

The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet...

5CVSS6.6AI score0.06336EPSS
Exploits1References2
Rows per page
Query Builder