Nokia » Electronic Documentation : Security Vulnerabilities, CVEs, CVSS score >= 2
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
Max CVSS
7.5
EPSS Score
1.42%
Published
2003-10-06
Updated
2008-09-10
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).
Max CVSS
5.0
EPSS Score
1.12%
Published
2003-10-06
Updated
2008-09-10
Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.
Max CVSS
4.3
EPSS Score
0.12%
Published
2003-10-06
Updated
2008-09-10
3 vulnerabilities found