Vulnerabilities (CVE)

Filtered by vendor Jboss Subscribe
Filtered by product Jboss
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1157 1 Jboss 1 Jboss 2024-11-21 7.6 HIGH N/A
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.
CVE-2005-2006 1 Jboss 1 Jboss 2024-11-20 5.0 MEDIUM N/A
JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of the file.
CVE-2003-0845 1 Jboss 1 Jboss 2024-11-20 7.5 HIGH N/A
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.