| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2000-0499 | 5.0 |
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
|
26-01-2024 - 17:43 | 08-06-2000 - 04:00 | |
| CVE-2000-0497 | 5.0 |
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
|
26-01-2024 - 17:43 | 08-06-2000 - 04:00 | |
| CVE-2000-0498 | 5.0 |
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
|
26-01-2024 - 17:43 | 08-06-2000 - 04:00 | |
| CVE-2017-10309 | 6.8 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple prot
|
12-08-2022 - 18:04 | 19-10-2017 - 17:29 | |
| CVE-2005-1234 | 5.0 |
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
| CVE-2005-1224 | 7.5 |
Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) nChannel parameter to default.asp, cat.asp, or detail.asp, (2) the iChannel parameter to search.asp, default.asp, r
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
| CVE-2008-6412 | 7.5 |
Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allows "low privileged" users to gain administrator privileges via unknown attack vectors.
|
17-08-2017 - 01:29 | 06-03-2009 - 11:30 | |
| CVE-2005-1233 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.
|
11-07-2017 - 01:32 | 20-04-2005 - 04:00 | |
| CVE-2016-4301 | 6.8 |
Stack-based buffer overflow in the parse_device function in archive_read_support_format_mtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file.
|
01-07-2017 - 01:29 | 21-09-2016 - 14:25 | |
| CVE-2012-0033 | 5.0 |
The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request.
|
08-12-2016 - 03:02 | 08-04-2014 - 14:22 | |
| CVE-2014-7816 | 5.0 |
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI.
|
04-03-2015 - 16:41 | 01-12-2014 - 15:59 | |
| CVE-2005-1236 | 7.5 |
Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote attackers to execute arbitrary SQL commands via the (1) iChannel parameter to channel.asp or search.asp, (2) iData parameter to detail.asp or inc_rating.asp, (
|
05-09-2008 - 20:48 | 02-05-2005 - 04:00 |