CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

SUSE CVE•added 2023/02/15 6:11 a.m.•2 views

SUSE CVE-2007-3386

Cross-site scripting XSS vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...

4.3CVSS6.3AI score0.73782EPSS

Exploits2References6

seebug.org•added 2009/12/31 12:0 a.m.•10 views

Apache Tomcat Host Manager Servlet 跨站脚本攻击漏洞

No description provided by source...

7.1AI score

Exploits0

Cent OS•added 2007/09/28 8:11 a.m.•82 views

tomcat5 security update

CentOS Errata and Security Advisory CESA-2007:0871 Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Tomcat is a servlet container for Java...

4.3CVSS5.8AI score0.81412EPSS

Exploits6References7

seebug.org•added 2007/08/23 12:0 a.m.•52 views

Apache Tomcat Host Manager Servlet跨站脚本执行漏洞

BUGTRAQ ID: 25314 CVECAN ID: CVE-2007-3386 Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Apache Tomcat实现上存在输入验证漏洞，远程攻击者可能利用引漏洞导致跨站脚本执行。 Apache Tomcat的Host Manager Servlet没有正确地过滤用户输入，如果用户向服务器提交了恶意请求的话就可以执行跨站脚本攻击，导致注入并执行任意HTML和Web脚本。 Apache Group Tomcat 6.0.0 - 6.0.13 Apache Group Tomcat 5.5.0 - 5.5.24...

4.3CVSS7.5AI score0.73782EPSS

Exploits2

seebug.org•added 2007/08/17 12:0 a.m.•22 views

Apache Tomcat Host Manager Servlet跨站脚本漏洞

Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。 Apache Tomcat主机管理器Servlet不正确过滤用户提交的数据，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。攻击者可以构建恶意WEB页，诱使用户访问来触发，可获得目标用户敏感信息。 Apache Software Foundation Tomcat 6.0.13 Apache Software Foundation Tomcat 6.0.12 Apache Software Foundation Tomcat 6.0.11 Apache Software Foundation Tomcat...

7AI score

Exploits0