← Back

Iplanet Web Server

iplanet_web_server

Vendor: Sun • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-2763
1Sun
2Iplanet Web Server
One Web Server
Apr 23, 2026
Jun 1, 2009
N/A· v4
N/A· v3
5.8 MEDIUM· v2
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST...Show more
The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.Show less
CVE-2007-0183
1Sun
1Iplanet Web Server
Apr 23, 2026
Jan 12, 2007
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is...Show more
Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2002-1042
2Netscape
Sun
4Enterprise Server
Iplanet Web ServerOne Application Server+1 more
Apr 16, 2026
Oct 4, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via .....Show more
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.Show less
CVE-2001-0606
2Hp
Sun
2Iplanet Web Server
Virtualvault
Apr 16, 2026
Aug 22, 2001
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.