CVSS: 10.0EPSS: 1%CPEs: 40EXPL: 0CVE-2008-0389
https://notcve.org/view.php?id=CVE-2008-0389
23 Jan 2008 — Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors. Una vulnerabilidad no especificada en la función serveServletsByClassnameEnabled en IBM WebSphere Application Server (WAS) versiones 6.0 hasta 6.0.2.25, versiones 6.1 hasta 6.1.0.14 y versiones 5.1.1.x anteriores a 5.1.1.18, presenta un impacto desconocido y vectores de ataque. • http://secunia.com/advisories/28576 •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2007-6679
https://notcve.org/view.php?id=CVE-2007-6679
10 Jan 2008 — Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected. Una vulnerabilidad no especificada en la Consola Administrativa en IBM WebSphere Application Server versión 6.1 anterior a Fix Pack 13, presenta vectores de ataques e impactos desconocidos, relacionados a "security concerns wi... • http://secunia.com/advisories/28588 •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 1CVE-2007-5944 – IBM Websphere Application Server 5.1.1 - WebContainer HTTP Request Header Security
https://notcve.org/view.php?id=CVE-2007-5944
14 Nov 2007 — Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. NOTE: this might be the same issue as CVE-2006-3918, but there are insufficient details to be sure. Una vulnerabilidad de tipo cross-site scripting (XSS) en Servlet Engine / Web Container en IBM WebSphere Application Server (WAS) versiones 5.1.1.4 hasta 5.1.1.1.16, permite a ata... • https://www.exploit-db.com/exploits/30768 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5799
https://notcve.org/view.php?id=CVE-2007-5799
03 Nov 2007 — Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to perform some actions as WAS UDDI users via the (1) keyField, (2) nameField, (3) valueField, and (4) frameReturn parameters. Múltiples vulnerabilidades en la falsificación de petición en sitios cruzados (CSRF) en el uddigui/navigateTree.do de la consola de usuario UDDI en el Servidor de Aplicacion... • http://osvdb.org/41619 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5798
https://notcve.org/view.php?id=CVE-2007-5798
03 Nov 2007 — Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via the (1) keyField, (2) nameField, (3) valueField, and (4) frameReturn parameters. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el uddigui/navigateTree.do de la consola de usuario UDDI en el Servidor de Aplicaciones WebSphere de I... • http://osvdb.org/41618 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2007-5483
https://notcve.org/view.php?id=CVE-2007-5483
16 Oct 2007 — Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors. Vulnerabilidad no especificada en Administrative Scripting Tools (como wsadmin o ANT) en IBM WebSphere Application Server 5.x y 6.0.x tienen un impacto desconocido y vectores de ataque. • http://secunia.com/advisories/27249 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4833
https://notcve.org/view.php?id=CVE-2007-4833
12 Sep 2007 — Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789. Vulnerabilidad no especificada en el componente Edge en IBM WebSphere Application Server (WAS) 6.1 anterior a Fix Pack 11 (6.1.0.11) tiene un impacto desconocido y vectores de ataque, también conocido como PK44789. • http://osvdb.org/41617 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4839
https://notcve.org/view.php?id=CVE-2007-4839
12 Sep 2007 — Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803. Vulnerabilidad no especificada en el componente PD tools de IBM WebSphere Application Server (WAS) 6.1 anterior al Fix Pack 11 (6.1.0.11) tiene impacto y vectores de ataque desconocidos, también conocido como PK33803. • http://osvdb.org/41611 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3960
https://notcve.org/view.php?id=CVE-2007-3960
24 Jul 2007 — Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213). Múltiples vulnerabilidades no especificadas en IBM WebSphere Application Server (WAS) anterior a Fix Pack 21 (6.0.2.21) tienen un impacto desconocido y vectores de ataque, también conocido como (1) PK33799, o (2) a "exposición potencial seguro" en el componente Sample (P... • http://osvdb.org/41615 •
CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 0CVE-2007-3397
https://notcve.org/view.php?id=CVE-2007-3397
26 Jun 2007 — The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers to obtain sensitive information. El contenedor web en IBM WebSphere Application Server (WAS) anterior a 6.0.2.21, y 6.1.x anterior a 6.1.0.9, envía los datos de respuesta previstos para una petición diferente en ciertas circunstancias después de un error de cierr... • http://osvdb.org/41644 •