3 results (0.012 seconds)

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Sybase EAServer before v6.1 permite a atacantes remotos inyectar código web o HTML arbitrario a través de vectores no especificados. • http://jvn.jp/en/jp/JVN47662377/index.html http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000047.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 11%CPEs: 34EXPL: 0

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability." Vulnerabilidad no especificada en Sybase EAServer v5.x y v6.x anterior a v6.3 ESD#2, como el utilizado en Appeon, Replication Server Messaging Edition (RSME), y WorkSpace, permite a atacantes remotos instalar servicios web y ejecutar código de su elección. Relacionado con una «vulnerabilidad inherente». • http://osvdb.org/70428 http://secunia.com/advisories/42904 http://www.securityfocus.com/bid/45809 http://www.sybase.com/detail?id=1091057 http://www.vupen.com/english/advisories/2011/0125 https://exchange.xforce.ibmcloud.com/vulnerabilities/64697 •

CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request. Una vulnerabilidad de salto de directorio en EAServer de Sybase versiones 6.x anteriores a 6.3 ESD-2, tal y como es usado en Appeon, Replication Server Messaging Edition (RSME) y WorkSpace, permite a los atacantes remotos leer archivos arbitrarios por medio de "../\" (punto punto seguido de barra diagonal y barra invertida) en una petición especialmente diseñada. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=889 http://osvdb.org/70427 http://secunia.com/advisories/42904 http://www.securityfocus.com/bid/45809 http://www.sybase.com/detail?id=1091057 http://www.vupen.com/english/advisories/2011/0125 https://exchange.xforce.ibmcloud.com/vulnerabilities/64695 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •