Sun Java System Web Server ::$DATA Extension Request JSP Resource Disclosure

The remote Sun Java System Web Server or an older version, such as Sun ONE Web Server or iPlanet reveals the source code of '.jsp' files when an attacker appends '::$DATA' to the request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid39618; scriptversion"1.10";...

CVE-2009-2268

Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2268

Cross-site scripting XSS vulnerability in the Cross-Domain Controller CDC servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-2268

CVE-2009-2268 affects Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 where the Cross-Domain Controller (CDC) servlet is vulnerable to cross‑site scripting via unspecified vectors. The issue is evidenced in Nessus/Solaris patches that reference CVE-2009-2268 among related fixes (e.g., ...

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Server running on Windows, which is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservxssvulnwin.nasl 5369 2017-02-20 14:48:07Z cfi $ Sun Java System Web Server XSS Vulnerability Windows Authors: Sharath S Copyright: Copyrig...

Sun Java System Web Proxy Server Vulnerabilities (Windows)

This host has Sun Java Web Server running on Linux, which is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservxssvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ Sun Java System Web Server XSS Vulnerability Linux Authors: Sharath S Copyright: Copyright ...

Sun/Oracle Web Server Detection (HTTP)

HTTP based detection of various Sun/Oracle Web Server products. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

Sun Java System Web Proxy Server Vulnerabilities - Windows

Sun Java Web Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java System Web Proxy Server 6.1 < 6.1 SP11 XSS Vulnerability

Sun Java Web Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cross site scripting

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

CVE-2009-1934

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

CVE-2009-1934

Cross-site scripting XSS vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error...

CVE-2009-1934

Sun Java System Web Server 6.1 (Reverse Proxy Plug-in) is vulnerable to an XSS issue (CVE-2009-1934) in scenarios that trigger a 502 Gateway error. The vulnerability affects the Reverse Proxy Plug-in before SP11, allowing remote attackers to inject arbitrary script via the query string. The avail...

Sun Java System Directory Server Online Help Feature Information Disclosure

Sun Java System Directory Server is running on the remote web server. The hosted version is affected by an information disclosure vulnerability. By sending a specially crafted request to the online help feature, it is possible for a remote attacker to determine if certain files exist, and in some...

Solaris Update for Sun Java(TM) System LDAP Java Development Kit 119725-06

Check for the Version of Sun JavaTM System LDAP Java Development Kit OpenVAS Vulnerability Test Solaris Update for Sun JavaTM System LDAP Java Development Kit 119725-06 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is fr...

Sun Java System Calendar Server login.wcap Fmt-out Parameter XSS

The version of Sun Java System Calendar Server running on the remote host fails to sanitize input to the 'Fmt-out' parameter of the 'login.wcap' script before using it to generate dynamic HTML output. An attacker may be able to leverage this to inject arbitrary HTML and script code into a user's...

Cross site scripting

Cross-site scripting XSS vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page...

CVE-2009-1796

CVE-2009-1796 : The connected sources indicate a cross‑site scripting (XSS) vulnerability in Sun Java System Portal Server versions 6.3.1, 7.1, and 7.2. The issue is triggered by vectors related to an error page, allowing remote attackers to inject arbitrary web script or HTML. The sources do not...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...