Show filters
295 Total Results
Displaying 231-240 of 295
Sort by:
Attacker Value
Unknown

CVE-2008-2405

Disclosure Date: June 04, 2008 (last updated October 04, 2023)
Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications.
0
0
Attacker Value
Unknown

CVE-2008-2518

Disclosure Date: June 03, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter.
0
0
Attacker Value
Unknown

CVE-2008-2166

Disclosure Date: May 13, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.
0
0
Attacker Value
Unknown

CVE-2008-2120

Disclosure Date: May 09, 2008 (last updated October 04, 2023)
Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2008-1995

Disclosure Date: April 28, 2008 (last updated October 04, 2023)
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.
0
0
Attacker Value
Unknown

CVE-2007-6571

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
0
0
Attacker Value
Unknown

CVE-2007-6569

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.
0
0
Attacker Value
Unknown

CVE-2007-6572

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
0
0
Attacker Value
Unknown

CVE-2007-6570

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
0
0
Attacker Value
Unknown

CVE-2007-5152

Disclosure Date: October 01, 2007 (last updated October 04, 2023)
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
0
0
View More Topics  < Previous  Next >