Lucene search
+L

549 matches found

Cvelist
Cvelist
added 2007/01/11 2:0 a.m.23 views

CVE-2007-0184

Getahead Direct Web Remoting DWR before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks...

7.3AI score0.01439EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/01/11 2:0 a.m.22 views

CVE-2006-6916

Getahead Direct Web Remoting DWR before 1.1.3 allows attackers to cause a denial of service infinite loop via unknown vectors related to "crafted input."...

6.4AI score0.02838EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/01/11 2:0 a.m.34 views

CVE-2007-0185

Getahead Direct Web Remoting DWR before 1.1.4 allows attackers to cause a denial of service memory exhaustion and servlet outage via unknown vectors related to a large number of calls in a batch...

7.2AI score0.01464EPSS
Exploits0References7
CVE
CVE
added 2007/01/11 2:0 a.m.76 views

CVE-2007-0185

DWR (Getahead Direct Web Remoting) before version 1.1.4 is vulnerable to denial of service due to memory exhaustion triggered by a large number of batched calls; the specific vectors are not detailed in the provided documents. No remediation details are present here.

5CVSS7.2AI score0.01464EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/01/11 2:0 a.m.64 views

CVE-2007-0184

CVE-2007-0184 concerns Getahead Direct Web Remoting (DWR) prior to 1.1.4. A crafted request can bypass include/exclude checks and enable unauthorized access to public methods, indicating an authorization bypass vulnerability . The connected documents reference this CVE across multiple advisories ...

7.5CVSS7.2AI score0.01439EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/01/11 2:0 a.m.56 views

CVE-2006-6916

CVE-2006-6916 affects Getahead Direct Web Remoting (DWR) prior to 1.1.3. The provided connected Red Hat entry corroborates that attackers can cause a denial of service (infinite loop) via crafted input. The exact root cause, vulnerable component(s) within DWR, affected versions beyond the stated ...

7.5CVSS6.7AI score0.02838EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/01/04 12:0 a.m.2774 views

Hacking AJAX DWR Applications

By Guy Karlebach & Amichai Shulman Introduction The introduction of AJAX into a web application improves the user experience significantly. However, the complexity of some AJAX frameworks and the limited field experience with them requires a careful examination of potential vulnerabilities. DWR i...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/01/04 12:0 a.m.41 views

DWR protection bypass

Protection againsts functions access is implemented in client side...

4.1AI score
Exploits0References1Affected Software1
NVD
NVD
added 2006/12/31 5:0 a.m.19 views

CVE-2006-6916

Getahead Direct Web Remoting DWR before 1.1.3 allows attackers to cause a denial of service infinite loop via unknown vectors related to "crafted input."...

7.5CVSS6.4AI score0.02838EPSS
Exploits0References1
Rows per page
Query Builder