4 results (0.016 seconds)

CVSS: 1.0EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy. Vulnerabilidad sin especificar en Oracle Sun Java System Portal Server 7.1 y 7.2 permite a usuarios locales afectar a la confidencialidad a través de vectores desconocidos relacionados con el Proxy. • http://osvdb.org/70565 http://secunia.com/advisories/42991 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45898 http://www.vupen.com/english/advisories/2011/0158 https://exchange.xforce.ibmcloud.com/vulnerabilities/64816 •

CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados(XSS) en el componente Gateway en Sun Java System Portal Server v6.3.1, v7.1, y v7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria. • http://securitytracker.com/id?1023260 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1 http://www.securityfocus.com/bid/37186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0

Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Sun Java System Portal Server v6.3.1, v7.1, y v7.2, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores relacionados con una pagina de error. • http://osvdb.org/54705 http://secunia.com/advisories/35221 http://sunsolve.sun.com/search/document.do?assetkey=1-21-118950-38-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-256588-1 http://www.securityfocus.com/bid/35082 http://www.securitytracker.com/id?1022273 http://www.vupen.com/english/advisories/2009/1411 https://exchange.xforce.ibmcloud.com/vulnerabilities/50704 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote attackers to access local files and read the product's configuration information via unknown vectors related to "access to secure files by ThemeServlet." Vulnerabilidad sin especificar en los componentes de Sun Java Web Console en Sun Java System Portal Server v7.1 y v7.2 permite a atacantes remotos acceder a ficheros locales y leer la información de configuración del producto mediante vectores desconocidos, relacionado a "acceso a ficheros seguros por ThemeServlet". • http://secunia.com/advisories/33120 http://securitytracker.com/id?1021380 http://sunsolve.sun.com/search/document.do?assetkey=1-21-124301-12-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-243886-1 http://www.securityfocus.com/bid/32770 http://www.vupen.com/english/advisories/2008/3408 https://exchange.xforce.ibmcloud.com/vulnerabilities/47256 • CWE-264: Permissions, Privileges, and Access Controls •