Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache wicket 7.0.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-7808
Apache Wicket prior to 1.5.13, 6.x prior to 6.19.0, and 7.x prior to 7.0.0-M5 make it easier for malicious users to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.
Apache Wicket 7.0.0
Apache Wicket
6.8
CVSSv2
CVE-2016-6806
Apache Wicket 6.x prior to 6.25.0, 7.x prior to 7.5.0, and 8.0.0-M1 provide a CSRF prevention measure that fails to discover some cross origin requests. The mitigation is to not only check the Origin HTTP header, but also take the Referer HTTP header into account when no Origin w...
Apache Wicket 6.24.0
Apache Wicket 6.21.0
Apache Wicket 6.22.0
Apache Wicket 6.23.0
Apache Wicket 6.20.0
Apache Wicket 7.0.0
Apache Wicket 7.1.0
Apache Wicket 7.2.0
Apache Wicket 7.3.0
Apache Wicket 7.4.0
Apache Wicket 8.0.0
5
CVSSv2
CVE-2014-3526
Apache Wicket prior to 1.5.12, 6.x prior to 6.17.0, and 7.x prior to 7.0.0-M3 might allow remote malicious users to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.
Apache Wicket
Apache Wicket 6.0.0
Apache Wicket 6.1.0
Apache Wicket 6.1.1
Apache Wicket 6.2.0
Apache Wicket 6.3.0
Apache Wicket 6.4.0
Apache Wicket 6.5.0
Apache Wicket 6.6.0
Apache Wicket 6.7.0
Apache Wicket 6.8.0
Apache Wicket 6.9.0
Apache Wicket 6.9.1
Apache Wicket 6.10.0
Apache Wicket 6.11.0
Apache Wicket 6.12.0
Apache Wicket 6.13.0
Apache Wicket 6.14.0
Apache Wicket 6.15.0
Apache Wicket 6.16.0
Apache Wicket 7.0.0
4.3
CVSSv2
CVE-2018-1325
In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.
Wicket-jquery-ui Project Wicket-jquery-ui 7.0.0
Wicket-jquery-ui Project Wicket-jquery-ui 8.0.0
Wicket-jquery-ui Project Wicket-jquery-ui
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started