Lucene search
K
SunJava System Application Server

6 matches found

CVE
CVE
added 2006/07/28 11:0 p.m.68 views

CVE-2006-3921

Summary (CVE-2006-3921): Affects Sun Java System Application Server (SJSAS) 7–8.1 and Web Server (SJSWS) 6.0–6.1. The issue permits remote authenticated users to read files outside the “document root” via a direct request using a UTF-8 encoded URI. The NVD entry lists a Medium base score (AV:N/AC...

4CVSS6.1AI score0.02167EPSS
CVE
CVE
added 2008/11/28 6:26 p.m.68 views

CVE-2008-5266

CVE-2008-5266 is an XSS in GlassFish 2 UR2 webadmin (configuration/httpListenerEdit.jsf) of Sun Java System Application Server 9.1_01 (build b09d-fcs) and 9.1_02 (build b04-fcs). Remote attackers can inject arbitrary script via the name parameter. CVSS v2 base score 4.3 (AV:N/AC:M/Au:N/I:P/C:N/A:...

4.3CVSS5.6AI score0.04889EPSS
Web
CVE
CVE
added 2008/06/18 7:29 p.m.64 views

CVE-2008-2751

CVE-2008-2751 concerns multiple XSS vulnerabilities in the GlassFish 2 Sun Java System Application Server 9.1_01 webadmin interface. The disclosed vectors affect the JSF pages (resourceNode, applications, etc.) via numerous form fields (e.g., jndiProp, resTypeProp, factoryClassProp, descProp, nam...

4.3CVSS5.7AI score0.04376EPSS
Web
CVE
CVE
added 2005/12/07 11:0 a.m.58 views

CVE-2005-4046

The CVE-2005-4046 entry affects the Reverse SSL Proxy Plug-in used with Sun Java System Application Server Standard Edition 7 (2004Q2), Application Server Enterprise Edition 8.1 (2005Q1), and Sun ONE Application Server 7 Standard Edition. The vulnerability is unspecified but allows remote attacke...

4CVSS7.1AI score0.017EPSS
CVE
CVE
added 2005/03/13 5:0 a.m.56 views

CVE-2005-0742

CVE-2005-0742 describes a cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7. The issue allows remote attackers to inject arbitrary web script or HTML via unknown vectors, potentially affecting the integrity of user data. The cited NVD metrics indicate a low to mediu...

4.3CVSS5.9AI score0.01813EPSS
CVE
CVE
added 2007/07/26 7:0 p.m.54 views

CVE-2007-4025

CVE-2007-4025 affects Sun Java System Application Server (SJS) 8.1–9.0 prior to 20070724 on Windows. It allows remote attackers to obtain JSP source code via unspecified vectors. The connected documents do not specify root cause, explicit exploit method, or a fix/remediation. No remediation detai...

4.3CVSS6.9AI score0.02015EPSS