| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-2103 | 4.3 |
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) th
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
| CVE-2004-2104 | 5.0 |
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
| CVE-2004-2106 | 5.0 |
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
| CVE-2004-2105 | 5.0 |
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 |