VYPR

Electronic Documentation

by Nokia

CVEs (3)

  • CVE-2003-0802Oct 6, 2003
    risk 0.03cvss epss 0.06

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).

  • CVE-2003-0801Oct 6, 2003
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.

  • CVE-2003-0803Oct 6, 2003
    risk 0.03cvss epss 0.05

    Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.