The host is running Adobe JRun and is prone to multiple vulnerabilities.
Successful exploitation could allow remote attackers to cause XSS attacks or Directory Traversal attack using the affected application. Impact Level: System/Application
Apply the security updates. http://download.macromedia.com/pub/coldfusion/updates/jmc-app.ear ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****
- Multiple XSS vulnerabilities exists due to error in the Management Console which can be exploited to inject arbitrary web script or HTML via unspecified vectors. - A Directory traversal attack is possible due to error in logging/logviewer.jsp in the Management Console which can be exploited by authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.
Adobe JRun version 4.0 on Windows
- Apache ActiveMQ Multiple Vulnerabilities
- Apache Tomcat Login Constraints Security Bypass Vulnerability
- An Image Gallery Multiple Cross-Site Scripting Vulnerability
- Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
- Apache Tomcat source.jsp malformed request information disclosure