19 matches found
EUVD-2000-0681
Malware in sbrugna...
EUVD-2010-0673
Malware in sbrugna...
EUVD-1999-1111
Malware in sbrugna...
Netscape Enterprise Server 3.51/3.6 JHTML View Source Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/559/info Netscape Enterprise Server 3.51 and above includes a search engine by default. The results it generates can be tailored using various configuration files, and one of the options is whether or not the full text of...
Design/Logic Flaw
Cisco Collaboration Server CCS 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by 1 changing .jhtml to %2Ejhtml, 2 changing .jhtml to .jhtm%6C, 3 appending %00 after .jhtml, and 4 appending %c0%80 after .jhtml,...
CVE-2010-0642
Cisco Collaboration Server CCS 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by 1 changing .jhtml to %2Ejhtml, 2 changing .jhtml to .jhtm%6C, 3 appending %00 after .jhtml, and 4 appending %c0%80 after .jhtml,...
CVE-2010-0642
Cisco Collaboration Server CCS 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by 1 changing .jhtml to %2Ejhtml, 2 changing .jhtml to .jhtm%6C, 3 appending %00 after .jhtml, and 4 appending %c0%80 after .jhtml,...
CVE-2010-0642
Cisco Collaboration Server 5 is affected by CVE-2010-0642, a source-code disclosure vulnerability that lets remote attackers read JHTML files by crafting URL-encoded filename extensions (e.g., .jhtml → %2Ejhtml, .jhtml → .jhtm%6C, etc.). The affected components include multiple CCS web interfaces...
CVE-1999-1130
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file...
CVE-1999-1130
Technical details about CVE-1999-1130 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2000-0685
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file...
CVE-2000-0685
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file...
CVE-2000-0685
BEA WebLogic 5.1.x is vulnerable because PageCompileServlet does not properly restrict access, allowing remote attackers to compile and execute Java JHTML code by invoking the servlet on any source file. The issue stems from inadequate access controls for the servlet, enabling arbitrary code exec...
FS-073100-10-BEA.txt
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory BEA's WebLogic .jsp/.jhtml remote command execution ---------------------------------------------------------------------- FS Advisory ID: FS-073100-10-BEA Release Date: July 31, 2000 Product: WebLogic Vendo...
BEA's WebLogic *.jsp/*.jhtml remote command execution
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory BEA's WebLogic .jsp/.jhtml remote command execution ---------------------------------------------------------------------- FS Advisory ID: FS-073100-10-BEA Release Date: July 31, 2000 Product: WebLogic Vendo...
BEA WebLogic JSP showcode vulnerability
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory BEA's WebLogic ---------------------------------------------------------------------- FS Advisory ID: FS-061200-2-BEA Release Date: June 12, 2000 Product: WebLogic Vendor: BEA Systems http://www.beasys.com...
CVE-1999-1130
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file...
Netscape Enterprise Server 3.513.6 - JHTML View Source
Netscape Enterprise Server 3.513.6 - JHTML View Source source: https://www.securityfocus.com/bid/559/info Netscape Enterprise Server 3.51 and above includes a search engine by default. The results it generates can be tailored using various configuration files, and one of the options is whether or...
Netscape Enterprise Server 3.51/3.6 - JHTML View Source
source: https://www.securityfocus.com/bid/559/info Netscape Enterprise Server 3.51 and above includes a search engine by default. The results it generates can be tailored using various configuration files, and one of the options is whether or not the full text of a resultant page is displayed. Th...