CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3314
https://notcve.org/view.php?id=CVE-2021-3314
Oracle GlassFish Server 3.1.2.18 and below allows /common/logViewer/logViewer.jsf XSS. A malicious user can cause an administrator user to supply dangerous content to the vulnerable page, which is then reflected back to the user and executed by the web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Oracle GlassFish Server versiones 3.1.2.18 y por debajo permite un ataque de tipo XSS en el archivo /common/logViewer/logViewer.jsf. Un usuario malicioso puede causar a un usuario administrador suministrar contenido peligroso a la página vulnerable, que luego es reflejado de regreso al usuario y es ejecutado por el navegador web. • https://n4nj0.github.io/advisories/oracle-glassfish-reflected-xss https://www.gruppotim.it/redteam • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 1CVE-2011-5035 – MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
https://notcve.org/view.php?id=CVE-2011-5035
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869. Oracle Glassfish 2.1.1, 3.0.1 y 3.1.1, tal como se utiliza en Communications Server 2.0, Sun Java System Application Server 8.1 y 8.2 y posiblemente otros productos, computa valores hash para parámetros de forma sin restringir la habilidad para desencadenar colisiones hash de manera predecible, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío de muchos parámetros manipulados, también conocido como Oracle security ticket S0104869. • https://www.exploit-db.com/exploits/2012 http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://marc.info/? • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 96%CPEs: 4EXPL: 2CVE-2011-0807 – Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0807
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration. Vulnerabilidad no especificada en Oracle Sun GlassFish Enterprise Server v2.1, v2.1.1 y v3.0.1, y Sun Java System Application Server v9.1, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con la Administración. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GlassFish Application Server and Oracle Java Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Web Administration component which listens by default on TCP port 4848. When handling a malformed GET request to the administrative interface, the application does not properly handle an exception allowing the request to proceed without authentication. • https://www.exploit-db.com/exploits/17615 http://securityreason.com/securityalert/8327 http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/glassfish_deployer.rb •
CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2010-4438
https://notcve.org/view.php?id=CVE-2010-4438
Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, integrity, and availability, related to Java Message Service (JMS). Vulnerabilidad no especificada en Oracle GlassFish v2.1, v2.1.1 y v3.0.1, y Java System Message Queue v4.1 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad, relacionado con Java Message Service (JMS). • http://osvdb.org/70572 http://osvdb.org/70573 http://secunia.com/advisories/42988 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45890 http://www.vupen.com/english/advisories/2011/0155 https://exchange.xforce.ibmcloud.com/vulnerabilities/64813 •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 11CVE-2009-1553 – GlassFish Enterprise Server 2.1 - Admin Console '/configuration/auditModuleEdit.jsf?name' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-1553
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, or (6) webService/webServicesGeneral.jsf; or the name parameter to (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Admin Console en Sun GlassFish Enterprise Server v2.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de una consulta a (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) customMBeans/customMBeans.jsf, (4) resourceNode/resources.jsf, (5) sysnet/registration.jsf, o (6) webService/webServicesGeneral.jsf; o del parámetro "name" a (7) configuration/auditModuleEdit.jsf, (8) configuration/httpListenerEdit.jsf, or (9) resourceNode/jdbcResourceEdit.jsf. • https://www.exploit-db.com/exploits/32980 https://www.exploit-db.com/exploits/32971 https://www.exploit-db.com/exploits/32981 https://www.exploit-db.com/exploits/32975 https://www.exploit-db.com/exploits/32974 https://www.exploit-db.com/exploits/32977 https://www.exploit-db.com/exploits/32979 https://www.exploit-db.com/exploits/32978 http://dsecrg.com/pages/vul/show.php?id=134 http://jvn.jp/en/jp/JVN73653977/index.html http://jvndb.jvn.jp/en/content • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •