Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2010/04/28 10:0 p.m.13 views

CVE-2010-1428

The Web Console aka web-console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an...

6.4AI score0.62308EPSS
Exploits4References11
RedHat Linux
RedHat Linux
added 2010/04/27 3:55 a.m.6 views

JBoss Application Server Web Console Authentication bypass

The Web Console aka web-console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an...

7.5CVSS7.5AI score0.62308EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2009/12/10 12:3 a.m.8 views

JBoss Application Server Web Console XSS

Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...

4.3CVSS5.8AI score0.0253EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2009/12/10 12:0 a.m.1461 views

Red Hat JBoss Multiple Products Detection (HTTP)

HTTP based detection of multiple Red Hat JBoss products. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/12/09 11:14 p.m.3 views

JBoss Application Server Web Console XSS

Multiple cross-site scripting XSS vulnerabilities in the Web Console in the Application Server in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2.0 before 4.2.0.CP08, 4.2.2GA, 4.3 before 4.3.0.CP07, and 5.1.0GA allow remote attackers to inject arbitrary web script or HTML...

4.3CVSS5.8AI score0.0253EPSS
Exploits1References4
Rows per page
Query Builder