9 matches found
EUVD-2004-1471
Malware in sbrugna...
CVE-2006-5860
Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
[SA18077] Macromedia JRun Server Two Vulnerabilities
TITLE: Macromedia JRun Server Two Vulnerabilities SECUNIA ADVISORY ID: SA18077 VERIFY ADVISORY: http://secunia.com/advisories/18077/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information, DoS WHERE: From remote SOFTWARE: Macromedia Jrun 4.x http://secunia.com/product/863/...
CVE-2004-0928
The CVE-2004-0928 family affects Adobe JRun 4.x servers (and ColdFusion MX 6.0/6.1/J2EE) when running with IIS, where a crafted request ending in ";.cfm" can bypass authentication and disclose script/source content (e.g., .asp, .pl, .php). Connected advisories describe URL handling flaws that tri...
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm"...
CVE-2004-1477
CVE-2004-1477 refers to a cross-site scripting (XSS) vulnerability in the Management Console of Macromedia/JRun 4.0. The vulnerability allows remote attackers to inject arbitrary web script/HTML and potentially hijack a user's session. Connected sources corroborate that this CVE is part of a set ...
CVE-2004-1478
CVE-2004-1478 concerns JRun 4.0, where improper generation and handling of JSESSIONID enables remote attackers to perform session fixation and hijack HTTP sessions. Root cause: insecure JSESSIONID management. Impact: remote session hijacking via fixation. Exploitation details are not provided beyond t...
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session...
JRun Multiple Vulnerabilities (OF, XSS, ID, Hijacking)
The remote host is running JRun, a J2EE application server running on top of IIS or Apache. There are multiple flaws in the remote version of this software:
- The JSESSIONID variable is not implemented securely. An attacker may use this flaw to guess the session id number of other users. Only JR...