NotCVE - vendor:"Hitachi" product:"Ucosminexus Developer Standard" version:"07_00

3 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 44EXPL: 0

CVE-2007-5809

https://notcve.org/view.php?id=CVE-2007-5809

05 Nov 2007 — Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Hitachi Web Server 01-00 hasta 03-10, tal y como se usa en determinados productos Cosminexus, permite a atacantes remotos inyectar scripts web o HTML de su elección mediante petic... • http://osvdb.org/42027 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 44EXPL: 0

CVE-2007-5810

https://notcve.org/view.php?id=CVE-2007-5810

05 Nov 2007 — Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly validate SSL client certificates, which might allow remote attackers to spoof authentication via a client certificate with a forged signature. Hitachi Web Server 01-00 hasta 03-00-01, tal y como se usa en determinados productos Cosminexus, no valida apropiadamente certificados SSL cliente, lo cual podría permitir a atacantes remotos suplantar autenticación mediante un certificado cliente con una firma falsif... • http://osvdb.org/42026 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 65EXPL: 0

CVE-2007-4760

https://notcve.org/view.php?id=CVE-2007-4760

08 Sep 2007 — The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503. La herramienta javadoc del Kit para Java: Cosminexus Developer's de Cosminexus 7 y 7.5 puede generar documentos HTML que contienen vulnerabilidades de secuencias de comandos en sitios cruzados (XSS... • http://secunia.com/advisories/26671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •