Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Application Server  Security Vulnerabilities
CVE-2001-0824
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page.
CVSS Score
7.5
EPSS Score
0.008
Published
2001-12-06
CVE-2001-0962
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
CVSS Score
7.5
EPSS Score
0.011
Published
2001-09-19
CVE-2001-0389
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
CVSS Score
5.0
EPSS Score
0.007
Published
2001-07-02
CVE-2001-0390
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters.
CVSS Score
5.0
EPSS Score
0.072
Published
2001-07-02
CVE-2001-0122
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error.
CVSS Score
5.0
EPSS Score
0.049
Published
2001-03-13
CVE-2000-0848
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
CVSS Score
10.0
EPSS Score
0.085
Published
2000-11-14
CVE-2000-0652
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.
CVSS Score
5.0
EPSS Score
0.042
Published
2000-07-24
CVE-2000-0497
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
CVSS Score
7.5
EPSS Score
0.007
Published
2000-06-08
CVE-1999-0852
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
CVSS Score
7.2
EPSS Score
0.0
Published
1999-12-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved