CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 1CVE-2011-5034 – MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
https://notcve.org/view.php?id=CVE-2011-5034
Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461. Apache Geronimo v2.2.1 y anteriores calcula los valores hash de los parámetros de forma, sin restringir la capacidad de desencadenar colisiones hash predecible, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío de gran cantidad de parámetros a mano. NOTA: este podría superponerse CVE-2011-4461. • https://www.exploit-db.com/exploits/2012 http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html http://secunia.com/advisories/47412 http://www.kb.cert.org/vuls/id/903934 http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py https://lists.apache.org/thread.html/r20957aa5962a48328f199e2373f408aeeae601a45dd5275a195e2b6e%40%3Cjava-dev.axis.apache.org%3E https:/&#x • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0039 – Apache Geronimo 2.1.x - Cross-Site Request Forgery (Multiple Admin Function)
https://notcve.org/view.php?id=CVE-2009-0039
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hijack the authentication of administrators for requests that (1) change the web administration password, (2) upload applications, and perform unspecified other administrative actions, as demonstrated by (3) a Shutdown request to console/portal//Server/Shutdown. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en la consola de administración web en Apache Geronimo Application Server 2.1 a 2.1.3 permite a atacantes remotos realizar acciones no autorizadas como administradores para peticiones que (1) cambian la contraseña de administración de la web, (2) suben aplicaciones y realizan otras acciones de administración no especificadas como es demuestrado por (3) una petición de apagado a console/portal//Server/Shutdown. Apache Geronimo Application Server versions 2.1 through 2.1.3 suffer from multiple cross site request forgery vulnerabilities. • https://www.exploit-db.com/exploits/32922 http://dsecrg.com/pages/vul/show.php?id=120 http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214 http://issues.apache.org/jira/browse/GERONIMO-4597 http://secunia.com/advisories/34715 http://www.securityfocus.com/archive/1/502735/100/0/threaded http://www.securityfocus.com/bid/34562 http://www.vupen.com/english/advisories/2009/1089 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 4CVE-2009-0038 – Apache Geronimo 2.1.x - '/console/portal/' URI Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-0038
Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en la consola de administración web en Apache Geronimo Application Server 2.1 a 2.1.3 permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante los parámetros (1) name, (2) ip, (3) username, o (4) description para console/portal/Server/Monitoring; o (5) el PATH_INFO para la URI por defecto bajo console/portal/. Apache Geronimo Application Server versions 2.1 through 2.1.3 suffer from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/32921 https://www.exploit-db.com/exploits/32920 http://dsecrg.com/pages/vul/show.php?id=119 http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214 http://issues.apache.org/jira/browse/GERONIMO-4597 http://secunia.com/advisories/34715 http://www.securityfocus.com/archive/1/502734/100/0/threaded http://www.securityfocus.com/bid/34562 http://www.vupen.com/english/advisories/2009/1089 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.4EPSS: 0%CPEs: 5EXPL: 3CVE-2008-5518 – Apache Geronimo 2.1.3 - Multiple Directory Traversal Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet. Múltiples vulnerabilidades de salto de directorio en la consola de administración web en Apache Geronimo Application Server 2.1 a 2.1.3 en Windows permiten a atacantes remotos subir ficheros a directorios de su elección a través de secuencias de salto de directorio en los parámetros 1) group, (2) artifact, (3) version, o (4) fileType para console/portal//Services/Repository (también conocido como el portlet Services/Repository); (5) el parámetro createDB para console/portal/Embedded DB/DB Manager (también conocido como el portlet Embedded DB/DB Manager); o el parámetro filename para el script createKeystore en el portlet Security/Keystores. • https://www.exploit-db.com/exploits/8458 http://dsecrg.com/pages/vul/show.php?id=118 http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214 http://issues.apache.org/jira/browse/GERONIMO-4597 http://secunia.com/advisories/34715 http://www.securityfocus.com/archive/1/502733/100/0/threaded http://www.securityfocus.com/bid/34562 http://www.vupen.com/english/advisories/2009/1089 https://exchange.xforce.ibmcloud.com/vulnerabilities/49898 https://exchange.xforc • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2007-5797
https://notcve.org/view.php?id=CVE-2007-5797
SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database. El SQLLoginModule en el Apache Geronimo 2.0 hasta el 2.1 no lanza una excepción para nombre de usuarios no existentes, lo que permite a atacantes remotos evitar la autenticación mediante un intento de registrase con algún usuario que no esté contenido en la Base de Datos. • http://osvdb.org/38662 http://secunia.com/advisories/27478 http://secunia.com/advisories/27482 http://www-1.ibm.com/support/docview.wss?uid=swg21286105 http://www.securityfocus.com/bid/26287 http://www.vupen.com/english/advisories/2007/3675 http://www.vupen.com/english/advisories/2007/3676 https://issues.apache.org/jira/browse/GERONIMO-3543 • CWE-287: Improper Authentication •