7 matches found
Cross site scripting
Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a (1) .cfm or (2) .cfml file, which reflects the result in the default error page...
CVE-2006-2310
BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of service (hang) via a request for a .cfm file whose name contains an MS-DOS device name such as (1) con, (2) aux, (3) com1, and (4) com2...
CVE-2006-2311
Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a (1) .cfm or (2) .cfml file, which reflects the result in the default error page...
CVE-2006-2310
BlueDragon Server / Server JX 6.2.1.286 for Windows is vulnerable to a denial-of-service via a crafted request for a .cfm filename containing an MS-DOS device name (for example, con, aux, com1, com2). The underlying issue, as described in the CVE entry, is improper handling/sanitization of user-s...
CVE-2006-2310
BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of service (hang) via a request for a .cfm file whose name contains an MS-DOS device name such as (1) con, (2) aux, (3) com1, and (4) com2...
CVE-2006-2311
Affected product: BlueDragon Server / Server JX 6.2.1.286 for Windows. Vulnerability: Cross-site scripting (XSS) via the filename parameter in requests to .cfm or .cfml files, reflected in the default error page. Root cause: the input is not properly sanitized in the filename handling. Impact: re...
CVE-2006-2311
Cross-site scripting (XSS) vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to inject arbitrary web script or HTML via the filename in a request to a (1) .cfm or (2) .cfml file, which reflects the result in the default error page...