← Back

Java Web Console

java_web_console

Vendor: Sun • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-2283
1Sun
2Java Web Console
Solaris
Apr 23, 2026
Jul 1, 2009
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HT...Show more
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.Show less
CVE-2008-5550
1Sun
3Java Web Console
SolarisSunos
Apr 23, 2026
Dec 12, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attac...Show more
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.Show less
CVE-2008-1286
1Sun
1Java Web Console
Apr 23, 2026
Mar 11, 2008
N/A· v4
N/A· v3
7.8 HIGH· v2
Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors.
CVE-2007-1681
1Sun
2Java Web Console
Solaris
Apr 23, 2026
Apr 19, 2007
N/A· v4
N/A· v3
7.5 HIGH· v2
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly ex...Show more
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.Show less