Show filters
18 Total Results
Displaying 1-10 of 18
Sort by:
Attacker Value
Unknown

CVE-2012-1738

Disclosure Date: July 17, 2012 (last updated October 04, 2023)
Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and Oracle iPlanet Web Server 7.0 allows remote attackers to affect availability via unknown vectors related to Web Server.
0
0
Attacker Value
Unknown

CVE-2009-2445

Disclosure Date: July 13, 2009 (last updated October 04, 2023)
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.
0
0
Attacker Value
Unknown

CVE-2009-1934

Disclosure Date: June 05, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.
0
0
Attacker Value
Unknown

CVE-2008-2518

Disclosure Date: June 03, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter.
0
0
Attacker Value
Unknown

CVE-2008-2166

Disclosure Date: May 13, 2008 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.
0
0
Attacker Value
Unknown

CVE-2007-6571

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
0
0
Attacker Value
Unknown

CVE-2007-6569

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.
0
0
Attacker Value
Unknown

CVE-2007-6572

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
0
0
Attacker Value
Unknown

CVE-2007-6570

Disclosure Date: December 28, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
0
0
Attacker Value
Unknown

CVE-2007-4164

Disclosure Date: August 07, 2007 (last updated October 04, 2023)
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.
0
0
View More Topics  Next >