Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-0857

EPSS 0.34% · P57
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0857

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sun管理中心性能报表模块跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Sun Management Center(Sun MC)是美国甲骨文(Oracle)公司的一套用于Sun服务器、台式机和存储设备的系统管理和监控解决方案。 Sun管理中心的性能报表模块中存在跨站脚本漏洞,可能允许远程非特权用户在用户浏览器中执行任意JavaScript代码,或窃取可能用于访问Sun管理中心Web控制台的会话cookie。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2009-0857

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2009-0857

登录查看更多情报信息。

Same Patch Batch · n/a · 2009-03-09 · 24 CVEs total

CVE-2009-0853CelerBB 'login.php'认证绕过和权限提升漏洞
CVE-2009-0855IBM WebSphere Application Server跨站脚本漏洞
CVE-2008-6450Under Construction Baby (UCB) PC2M 未明向量跨站脚本攻击漏洞
CVE-2008-6449Century Systems routers 跨站请求伪造漏洞
CVE-2008-6448Skyarc MTCMS WYSIWYG Editor 'install.cgi'跨站脚本攻击漏洞
CVE-2008-6447Quiksoft EasyMail Objects 'emmailstore.dll ' ActiveX控件远程缓冲区溢出漏洞
CVE-2008-6446Geniuscyber MAXSITE Guestbook组件'message'参数远程指令执行漏洞
CVE-2008-6445YourPlace未明漏洞
CVE-2008-6444Baidu Hi 'CSTransfer.dll'缓冲区溢出漏洞
CVE-2008-6443phpKF 'forum_duzen.php' SQL注入漏洞
CVE-2008-6442Sina DLoader Class ActiveX控件安全漏洞
CVE-2008-6441Epic Games Unreal Engine多个格式化字符串漏洞
CVE-2009-0027Redhat JBoss Enterprise Application Platform任意XML文件信息泄露漏洞
CVE-2009-0852CelerBB 'showme.php'信息泄露漏洞
CVE-2009-0851CelerBB多个SQL注入漏洞
CVE-2009-0850BitDefender Internet Security 2009文件名跨站脚本漏洞
CVE-2009-0849Novastor NovaNET DtbClsLogin()函数远程栈溢出漏洞
CVE-2009-0859Linux Kernel /ipc/shm.c文件本地拒绝服务漏洞
CVE-2009-0858djbdns超长响应报文远程缓存中毒漏洞
CVE-2009-0856IBM WebSphere应用服务器多个模块跨站脚本漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2009-0857

No comments yet

Leave a comment