Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eclipse mojarra vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-14371
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra prior to 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.
Eclipse Mojarra
6.5
CVSSv3
CVE-2020-6950
Directory traversal in Eclipse Mojarra prior to 2.3.14 allows malicious users to read arbitrary files via the loc parameter or con parameter.
Eclipse Mojarra
Oracle Solaris Cluster 4.0
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Network Integrity 7.3.6
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Banking Platform 2.12.0
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Enterprise Default Management 2.10.0
Oracle Retail Merchandising System 19.0.1
Oracle Time And Labor
Oracle Hyperion Calculation Manager
6.1
CVSSv3
CVE-2019-17091
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J prior to 2.3.10 and Mojarra JavaServer Faces prior to 2.2.20, allows Reflected XSS because a client window field is mishandled.
Eclipse Mojarra
Oracle Mojarra Javaserver Faces
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Merchandising System 16.0
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Health Sciences Information Manager 3.0
Oracle Retail Integration Bus 16.0
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 16.0
Oracle Communications Unified Inventory Management 7.4.0
Oracle Primavera P6 Enterprise Project Portfolio Management 19.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Secure Global Desktop 5.5
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.3.0
Oracle Retail Bulk Data Integration 16.0.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started