Lucene search
K

51 matches found

Exploit DB
Exploit DB
added 2008/11/11 12:0 a.m.20 views

Sun Java System Identity Manager 6.0/7.x - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/32262/info Sun Java System Identity Manager is prone to multiple web-interface vulnerabilities, including a cross-site request-forgery issue, multiple cross-site scripting issues, multiple HTML-injection issues, and a directory-traversal vulnerability...

7.4AI score
Exploits0
Prion
Prion
added 2008/01/11 10:46 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the 1 cntry or lang parameters to /idm/login.jsp, 2 resultsForm parameter to /idm/account/findForSelect.jsp, or...

4.3CVSS6.2AI score0.05696EPSS
Exploits1References16Affected Software1
NVD
NVD
added 2008/01/11 10:46 p.m.25 views

CVE-2008-0239

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the 1 cntry or lang parameters to /idm/login.jsp, 2 resultsForm parameter to /idm/account/findForSelect.jsp, or...

4.3CVSS5.9AI score0.05696EPSS
Exploits1References16
NVD
NVD
added 2008/01/11 10:46 p.m.21 views

CVE-2008-0240

/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."...

4.3CVSS6.8AI score0.05836EPSS
Exploits1References9
Cvelist
Cvelist
added 2008/01/11 10:0 p.m.27 views

CVE-2008-0239

Multiple cross-site scripting XSS vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote attackers to inject arbitrary HTML or web script via the 1 cntry or lang parameters to /idm/login.jsp, 2 resultsForm parameter to /idm/account/findForSelect.jsp, or...

5.9AI score0.05696EPSS
Exploits1References16
CVE
CVE
added 2008/01/11 10:0 p.m.52 views

CVE-2008-0241

CVE-2008-0241 describes an open redirect vulnerability in Sun Java System Identity Manager’s login page. The affected products are Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1. The flaw is due to improper handling of the nextPage parameter in /idm/user/login.jsp, allowing re...

5.8CVSS6.7AI score0.02677EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2008/01/11 10:0 p.m.53 views

CVE-2008-0239

The CVE-2008-0239 issue covers multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager versions 6.0 SP1–SP3, 7.0, and 7.1. The root cause is failure to sanitize user-supplied input in several JSP scripts, allowing remote, unauthenticated attackers to inject arbitra...

4.3CVSS5.9AI score0.05696EPSS
Exploits1References16Affected Software1
exploitpack
exploitpack
added 2008/01/09 12:0 a.m.20 views

Sun Java System Identity Manager 6.07.07.1 - idmaccountfindForSelect.jsp?resultsForm Cross-Site Scripting

Sun Java System Identity Manager 6.07.07.1 - idmaccountfindForSelect.jsp?resultsForm Cross-Site Scripting source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2008/01/09 12:0 a.m.19 views

Sun Java System Identity Manager 6.07.07.1 - idmlogin.jsp Multiple Cross-Site Scripting Vulnerabilities

Sun Java System Identity Manager 6.07.07.1 - idmlogin.jsp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/09 12:0 a.m.18 views

Sun Java System Identity Manager 6.07.07.1 - idmhelpindex.jsp?helpUrl Remote Frame Injection

Sun Java System Identity Manager 6.07.07.1 - idmhelpindex.jsp?helpUrl Remote Frame Injection source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting...

Exploits0
Exploit DB
Exploit DB
added 2008/01/09 12:0 a.m.24 views

Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/account/findForSelect.jsp?resultsForm' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting issues, because it fails to adequately sanitize user-supplied input. Attackers can exploit these...

7.4AI score
Exploits0
Rows per page
Query Builder