12 matches found
EUVD-2020-2990
Malware in sbrugna...
CVE-2020-10537
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account...
Default configuration
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account...
CVE-2020-10537
Epikur prior to 20.1.1 has an authorization issue: a Glassfish 4.1 server with a default configuration exposes the administrator account on TCP port 4848 without requiring a password, enabling potential admin access on affected hosts. This description is confirmed by the Red Hat entry; no specifi...
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This...
Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)
Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE: 2017-1000028 This module requires Metasploit:...
Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)
Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE:...
Path Traversal in Oracle GlassFish Server Open Source Edition
This module exploits an unauthenticated directory traversal vulnerability which exists in administration console of Oracle GlassFish Server 4.1, which is listening by default on port 4848/TCP. This module requires Metasploit: https://metasploit.com/download Current source:...
Oracle GlassFish Server - Administration Console Authentication Bypass
Oracle GlassFish Server Administration Console Authentication Bypass 1. Advisory Information Title: Oracle GlassFish Server Administration Console Authentication Bypass Advisory ID: CORE-2010-1118 Advisory URL: http://www.coresecurity.com/content/glassfishadminauthenticationbypass Date published:...
Oracle GlassFish/System Application Server Security Bypass Vulnerability
The host is running GlassFish/System Application Server and is prone to security bypass vulnerability. OpenVAS Vulnerability Test $Id: gboracleglassfishnsjassecbypassvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ Oracle GlassFish/System Application Server Security Bypass Vulnerability Authors: Antu...
ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-137 April 19, 2011 -- CVE ID: CVE-2011-0807 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Applicati...
Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GlassFish Application Server and Oracle Java Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Web Administration component which...