6 matches found
CVE-2006-2501
CVE-2006-2501 describes a cross-site scripting (XSS) vulnerability in multiple Sun web/server products (Sun ONE Web Server 6.0 SP9 and earlier; Sun Java System Web Server 6.1 SP4 and earlier; Sun ONE Application Server 7 Update 6 and earlier; Java System Application Server 7 2004Q2 Update 2 and e...
CVE-2006-3921
Summary (CVE-2006-3921): Affects Sun Java System Application Server (SJSAS) 7–8.1 and Web Server (SJSWS) 6.0–6.1. The issue permits remote authenticated users to read files outside the “document root” via a direct request using a UTF-8 encoded URI. The NVD entry lists a Medium base score (AV:N/AC...
CVE-2006-6276
Sun Java System Proxy Server versions prior to 20061130 are affected by an HTTP request smuggling vulnerability when used with Sun Java System Application Server or Sun Java System Web Server. Exploitation could bypass HTTP request filtering, enable web session hijacking, permit cross-site script...
CVE-2005-4805
Technical details about CVE-2005-4805 are not publicly available in the provided documents; no specifics on affected product versions, vectors, or fixes are provided. Monitor for updates.
CVE-2005-4804
Technical details about CVE-2005-4804 are not publicly available in the provided documents. Monitor for updates.
CVE-2006-3225
CVE-2006-3225 describes a cross-site scripting (XSS) vulnerability affecting Sun ONE Application Server 7 before Update 9, Java System Application Server 7 (2004Q2) before Update 5, and Java System Application Server Enterprise Edition 8.1 (2005 Q1). The issue allows remote attackers to inject ar...