Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java web console vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1036
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote malicious users to bypass authentication and gain administrative access via direct requests.
Jboss Jboss Application Server
2 EDB exploits
5
CVSSv2
CVE-2010-0738
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 prior to 4.2.0.CP09 and 4.3 prior to 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote malicious users to send requests...
Redhat Jboss Enterprise Application Platform 4.2.0
Redhat Jboss Enterprise Application Platform 4.2
Redhat Jboss Enterprise Application Platform 4.3.0
Redhat Jboss Enterprise Application Platform 4.3
4 EDB exploits
2 Nmap scripts
4 Github repositories
1 Article
4.4
CVSSv2
CVE-2020-27216
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creatin...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Vasa Provider
Netapp Virtual Storage Console
Netapp Storage Replication Adapter
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Element Manager
Oracle Flexcube Core Banking
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Siebel Core - Automation
Apache Beam 2.21.0
Apache Beam 2.22.0
Apache Beam 2.23.0
2.9
CVSSv2
CVE-2013-1615
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allows remote malicious users to obtain sensitive information via unspecified web-GUI API calls.
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
4.3
CVSSv2
CVE-2014-0390
Unspecified vulnerability in Oracle Solaris 10 allows remote malicious users to affect integrity via unknown vectors related to Java Web Console.
Sun Sunos 5.10
4.3
CVSSv2
CVE-2013-5839
Unspecified vulnerability in Oracle Solaris 10 allows remote malicious users to affect integrity via unknown vectors related to Oracle Java Web Console.
Sun Sunos 5.10
4.3
CVSSv2
CVE-2013-1614
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x prior to 4.8.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vector...
Symantec Security Information Manager 4.7.0
Symantec Security Information Manager 4.8.0
Symantec Security Information Manager 4.7.1
Symantec Security Information Manager 4.7.2
Symantec Security Information Manager 4.7.3
Symantec Security Information Manager 4.7.4
Symantec Security Information Manager Appliance -
7.8
CVSSv2
CVE-2008-1286
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote malicious users to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
Sun Java Web Console 3.0.4
Sun Java Web Console 3.0.2
Sun Java Web Console 3.0.3
7.5
CVSSv2
CVE-2006-3733
jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.2.1, allows remote malicious users to gain privileges as the CS-MARS administrator and execute arbitrary Ja...
Cisco Security Monitoring Analysis And Response System 4.2.0
1 EDB exploit
4.3
CVSSv2
CVE-2010-5192
Cross-site scripting (XSS) vulnerability in the Java Management Console in Blue Coat ProxySG before SGOS 4.3.4.1, 5.x before SGOS 5.4.5.1, 5.5 before SGOS 5.5.4.1, and 6.x before SGOS 6.1.1.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vec...
Bluecoat Sgos 5.4.5
Bluecoat Sgos 4.2.3.4
Bluecoat Sgos 4.2.4.1
Bluecoat Sgos 4.2.5.1
Bluecoat Sgos 4.2.7.1
Bluecoat Sgos 4.2.6
Bluecoat Sgos 4.2.2.2
Bluecoat Sgos 4.2.1.2
Bluecoat Sgos 4.2.6.1
Bluecoat Sgos 4.2.6.4
Bluecoat Sgos 4.1.2.1
Bluecoat Sgos 3.2.6
Bluecoat Sgos
Bluecoat Sgos 4.2.2
Bluecoat Sgos 4.2.3
Bluecoat Sgos 4.2.3.7
Bluecoat Sgos 4.2.3.12
Bluecoat Sgos 5.2.2.4
Bluecoat Sgos 6.1.2
Bluecoat Sgos 5.5.4
Bluecoat Sgos 4.2.5
Bluecoat Sgos 4.2.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »