Lucene search
K

8 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.48 views

Sun Calendar Express Web Server - (DoS/XSS) Multiple Remote Vulns

No description provided by source. Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in Sun Calendar Express Web Server 1. Advisory Information Title: Multiple vulnerabilities in Sun Calendar Express Web Server Advisory ID: CORE-2009-010...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/04/02 12:0 a.m.48 views

Sun Java System Calendar Server多个模块跨站脚本漏洞

BUGTRAQ ID: 34152,34153 CVECAN ID: CVE-2009-1218 Sun Java System Calendar Server是Sun Java System通信套件中的日程服务器组件。 Calendar Server中的login.wcap组件没有正确地验证用户所提交的fmt-out参数,command.shtml组件没有正确地验证date参数。远程攻击者可以通过向服务器提交恶意请求执行跨站脚本攻击,导致在用户浏览器会话中执行任意代码。 Sun Java System Calendar Server 6.3 Sun Java System Calend...

4.3CVSS5.8AI score0.04362EPSS
Exploits2
Prion
Prion
added 2009/04/01 6:30 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via 1 the fmt-out parameter to login.wcap or 2 the date...

4.3CVSS6AI score0.04362EPSS
Exploits2References7Affected Software2
NVD
NVD
added 2009/04/01 6:30 p.m.28 views

CVE-2009-1218

Multiple cross-site scripting XSS vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 through 6.3-7.01 allow remote attackers to inject arbitrary web script or HTML via 1 the fmt-out parameter to login.wcap or 2 the date...

4.3CVSS5.7AI score0.04362EPSS
Exploits2References7
exploitpack
exploitpack
added 2009/03/31 12:0 a.m.34 views

Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting

Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in Sun Calendar Express Web Server 1. Advisory Information Title: Multiple vulnerabilities in Sun Calendar Express...

0.2AI score
Exploits0
Prion
Prion
added 2008/06/18 7:41 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging aka service.http.commandlog.all is enabled, allows remote attackers to cause a denial of service daemon crash via unspecified vectors...

7.1CVSS7.2AI score0.0245EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2008/06/18 7:29 p.m.31 views

CVE-2008-2749

Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging aka service.http.commandlog.all is enabled, allows remote attackers to cause a denial of service daemon crash via unspecified vectors...

6.7AI score0.0245EPSS
Exploits0References6
CVE
CVE
added 2008/06/18 7:29 p.m.48 views

CVE-2008-2749

CVE-2008-2749 affects Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, where the cshttpd component is vulnerable when access logging (service.http.commandlog.all) is enabled. The issue allows remote attackers to cause a denial of service (daemon crash) via unspecified v...

7.1CVSS6.7AI score0.0245EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder