CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2120
https://notcve.org/view.php?id=CVE-2008-2120
09 May 2008 — Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors. Vulnerabilidad no especificada en Java System Application Server versión 7 2004Q2 anterior a Update 6, Web Server versión 6.1 anterior a SP8 y and Web Server versión 7.0 anterior a Update 1 permite a atacantes remotos obtener el código fuente de los ficheros JSP mediante vectores... • http://secunia.com/advisories/30122 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 6%CPEs: 20EXPL: 0CVE-2006-2501
https://notcve.org/view.php?id=CVE-2006-2501
20 May 2006 — Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages. • http://jvn.jp/jp/JVN%2303D5EAA8/index.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1889
https://notcve.org/view.php?id=CVE-2005-1889
07 Jun 2005 — Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-101690-1 •
CVSS: 9.8EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0826
https://notcve.org/view.php?id=CVE-2004-0826
02 Sep 2004 — Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 •
CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 1CVE-2000-0812
https://notcve.org/view.php?id=CVE-2000-0812
18 Oct 2000 — The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/197&type=0&nav=sec.sba •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2000-0629
https://notcve.org/view.php?id=CVE-2000-0629
12 Jul 2000 — The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0163.html •