Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Japan Vulnerability Notes
Japan Vulnerability Notesadded 2007/06/15 12:0 a.m.33 views

JVN#07100457 Apache Tomcat cross-site scripting vulnerability

Apache Tomcat, provided by the Apache Software Foundation, is an implementation of Java Servlets and JavaServer Pages technologies. Apache Tomcat Web Application Manager contains a cross-site scripting vulnerability. Impact When a user logs into Apache Tomcat Web Application Manager, an arbitrary...

3.5CVSS7.2AI score0.01224EPSS
Exploits0
CVE
CVEadded 2007/05/09 10:0 p.m.116 views

CVE-2006-7196

Cross-site scripting (XSS) vulnerability in the calendar example (cal2.jsp) of Apache Tomcat affects 4.0.0–4.0.6, 4.1.0–4.1.31, 5.0.0–5.0.30, and 5.5.0–5.5.15. An attacker can inject arbitrary script via the time parameter to cal2.jsp (and possibly other vectors). This enables script execution in...

4.3CVSS5.5AI score0.79909EPSS
Exploits0References20Affected Software1
CVE
CVEadded 2006/07/25 12:0 a.m.122 views

CVE-2006-3835

CVE-2006-3835 affects Apache Tomcat 5 before 5.5.17. The vulnerability allows remote attackers to list directories by using a semicolon before a filename with a mapped extension, as shown by URLs like /;index.jsp or /;help.do. The initial description confirms the condition; related advisories (GH...

5CVSS7.3AI score0.51511EPSS
Exploits8References30Affected Software1
Rows per page
Query Builder