Lucene search
K

4 matches found

Prion
Prion
added 2009/06/16 9:0 p.m.33 views

Directory traversal

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...

5CVSS6.5AI score0.18685EPSS
Exploits1References47Affected Software1
Prion
Prion
added 2009/03/09 9:30 p.m.25 views

Cross site scripting

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

4.3CVSS5.9AI score0.09125EPSS
Exploits1References38Affected Software1
UbuntuCve
UbuntuCve
added 2009/03/09 12:0 a.m.38 views

CVE-2009-0781

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

4.3CVSS6.4AI score0.09125EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/06/30 3:33 p.m.5 views

tomcat accept-language xss flaw

Cross-site scripting XSS vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616"...

2.6CVSS5.9AI score0.19889EPSS
Exploits1References4
Rows per page
Query Builder