Lucene search

K

Getahead Security Vulnerabilities

cve
cve

CVE-2007-2377

The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and.....

7.3AI Score

0.006EPSS

2007-04-30 11:19 PM
23
cve
cve

CVE-2006-6916

Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infinite loop) via unknown vectors related to "crafted...

6.7AI Score

0.003EPSS

2022-10-03 04:21 PM
26
cve
cve

CVE-2007-0184

Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude...

7.2AI Score

0.016EPSS

2007-01-12 05:04 AM
32
cve
cve

CVE-2007-0185

Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a...

7.2AI Score

0.011EPSS

2007-01-12 05:04 AM
33