CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

SUSE CVE•added 2023/02/15 5:56 a.m.•3 views

SUSE CVE-2010-4172

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

4.3CVSS4.9AI score0.11901EPSS

Exploits1References5

RedHat Linux•added 2011/12/05 5:39 p.m.•3 views

tomcat: security manager restrictions bypass

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service infinite lo...

4.4CVSS6.1AI score0.0013EPSS

Exploits1References4

Apache Tomcat•added 2011/09/22 12:0 a.m.•52 views

Fixed in Apache Tomcat 5.5.34

Moderate: Multiple weaknesses in HTTP DIGEST authentication CVE-2011-1184 Note: Mitre elected to break this issue down into multiple issues and have allocated the following additional references to parts of this issue: CVE-2011-5062, CVE-2011-5063 and CVE-2011-5064. The Apache Tomcat security tea...

7.5CVSS6.6AI score0.08784EPSS

Exploits2Affected Software1

NVD•added 2010/11/26 8:0 p.m.•16 views

CVE-2010-4172

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

4.3CVSS4.5AI score0.11901EPSS

Exploits1References24

Prion•added 2010/11/26 8:0 p.m.•15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

4.3CVSS6AI score0.11901EPSS

Exploits1References24Affected Software1

Cvelist•added 2010/11/26 7:0 p.m.•22 views

CVE-2010-4172

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

4.7AI score0.11901EPSS

Exploits1References24

UbuntuCve•added 2010/11/26 12:0 a.m.•25 views

CVE-2010-4172

Multiple cross-site scripting XSS vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 orderBy or 2 sort parameter to sessionsList.jsp, or unspecified input to 3...

4.3CVSS6.3AI score0.11901EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by