Lucene search
SybaseEaserver4.0
2 matches found
CVE-2002-1861
Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
5CVSS7.5AI score0.00281EPSS
CVE-2012-4340
Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3CVSS5.8AI score0.00225EPSS