Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
apache tomcat 3.2.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3)...
Apache Tomcat 3.2.4
Apache Tomcat 3.2.3
3 EDB exploits available
NA
CVE-2003-0042
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character....
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3.1
Apache Tomcat 3.2.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.3
1 EDB exploit available
NA
CVE-2003-0043
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file....
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3.1
Apache Tomcat 3.2.4
Apache Tomcat 3.3
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.2.1
Apache Tomcat 3.2.3
NA
CVE-2003-0044
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML....
Apache Tomcat 3.3
Apache Tomcat 3.3.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.1.1
Apache Tomcat 3.3.1a
Apache Tomcat 3.2
Apache Tomcat 3.2.1
NA
CVE-2003-0045
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp....
Apache Tomcat 3.2.1
Apache Tomcat 3.2.3
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.2.4
Apache Tomcat 3.3
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3.1
NA
CVE-2005-0808
Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007....
Apache Tomcat 3.2.1
Apache Tomcat 3.2.2
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.3.1a
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3
Apache Tomcat 3.3.1
NA
CVE-2002-2006
The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets....
Apache Tomcat 3.1
Apache Tomcat 3.2.1
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 4.0.3
Apache Tomcat 4.0.1
Apache Tomcat 4.1.0
Apache Tomcat 3.1.1
Apache Tomcat 4.0.2
Apache Tomcat 4.0.0
Apache Tomcat 3.2.3
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 3.3
1 EDB exploit available
NA
CVE-2002-1148
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet....
Apache Tomcat 3.1
Apache Tomcat 4.0.4
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 3.2.2
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 4.0.3
Apache Tomcat 4.0.1
Apache Tomcat 4.1.3
Apache Tomcat 4.1.10
Apache Tomcat 4.1.0
Apache Tomcat 3.1.1
Apache Tomcat 4.0.2
Apache Tomcat 4.0.0
Apache Tomcat 3.2.3
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 3.3
1 EDB exploit available
NA
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a...
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5
Apache Tomcat
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
Apache Tomcat 5.5.11
Apache Tomcat 5.5.6
Apache Tomcat 5.0.9
Apache Tomcat 5.0.15
Apache Tomcat 3.3.2
Apache Tomcat 5.0.30
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.0.23
Apache Tomcat 1.1.3
Apache Tomcat 3.2.4
Apache Tomcat 5.0.2
Apache Tomcat 5.5.5
Apache Tomcat 5.0.10
Apache Tomcat 5.0.21
Apache Tomcat 3.0
Apache Tomcat 5.0.26
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.0.0
Apache Tomcat 5.0.6
Apache Tomcat 4.1.31
Apache Tomcat 5.5.3
Apache Tomcat 5.0.27
Apache Tomcat 4.1.29
Apache Tomcat 5.0.16
Apache Tomcat 4.0.6
Apache Tomcat 5.5.9
Apache Tomcat 4.0.3
Apache Tomcat 5.0.18
Apache Tomcat 4.0.1
Apache Tomcat 3.3.1a
Apache Tomcat 5.5.2
Apache Tomcat 5.0.5
Apache Tomcat 5.0.28
Apache Tomcat 5.0.29
Apache Tomcat 5.5.0
Apache Tomcat 4.1.1
Apache Tomcat 5.5.13
Apache Tomcat 5.5.24
Apache Tomcat 4.1.12
Apache Tomcat 4.1.28
Apache Tomcat 5.0.13
Apache Tomcat 4.1.15
Apache Tomcat 4.1.3
Apache Tomcat 4.1.10
Apache Tomcat 5.5.8
Apache Tomcat 5.0.17
Apache Tomcat 5.5.16
Apache Tomcat 4.1.0
Apache Tomcat 3.1.1
Apache Tomcat 4.0.2
Apache Tomcat 5.5.17
Apache Tomcat 5.5.19
Apache Tomcat 4.0.5
Apache Tomcat 4.0.0
Apache Tomcat 4
Apache Tomcat 5.0.4
Apache Tomcat 3.2.3
Apache Tomcat 5.0.25
Apache Tomcat 5.0.1
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 5.0.11
Apache Tomcat 5.5.23
Apache Tomcat 5.0.3
Apache Tomcat 5.0.24
Apache Tomcat 3.3
Apache Tomcat 5.0.12
1 EDB exploit available
NA
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges....
Apache Tomcat 5.5.27
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.35
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 4.1.21
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
Apache Tomcat 6.0.7
Apache Tomcat 5.5.11
Apache Tomcat 4.1.25
Apache Tomcat 5.5.28
Apache Tomcat 6.0.4
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 4.1.39
Apache Tomcat 5.0.9
Apache Tomcat 4.1.4
Apache Tomcat 5.0.15
Apache Tomcat 3.3.2
Apache Tomcat 5.0.30
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.0.23
Apache Tomcat 3.2.4
Apache Tomcat 5.0.2
Apache Tomcat 5.5.5
Apache Tomcat 5.0.10
Apache Tomcat 4.1.27
Apache Tomcat 6.0.15
Apache Tomcat 4.1.30
Apache Tomcat 4.1.7
Apache Tomcat 4.1.38
Apache Tomcat 4.1.11
Apache Tomcat 5.0.21
Apache Tomcat 3.0
Apache Tomcat 5.0.26
Apache Tomcat 5.5.21
Apache Tomcat 4.1.18
Apache Tomcat 5.5.22
Apache Tomcat 6.0.20
Apache Tomcat 4.1.14
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 4.1.19
Apache Tomcat 5.0.0
Apache Tomcat 5.0.6
Apache Tomcat 6.0.9
Apache Tomcat 4.1.31
Apache Tomcat 5.5.3
Apache Tomcat 5.0.27
Apache Tomcat 4.1.16
Apache Tomcat 4.1.29
Apache Tomcat 5.0.16
Apache Tomcat 6.0.17
Apache Tomcat 4.1.22
Apache Tomcat 4.0.6
Apache Tomcat 6.0
Apache Tomcat 4.1.5
Apache Tomcat 4.1.26
Apache Tomcat 4.1.13
Apache Tomcat 4.1.8
Apache Tomcat 5.5.9
Apache Tomcat 4.0.3
Apache Tomcat 5.5.25
Apache Tomcat 5.0.18
Apache Tomcat 6.0.0
Apache Tomcat 4.1.17
Apache Tomcat 4.0.1
Apache Tomcat 3.3.1a
Apache Tomcat 6.0.14
Apache Tomcat 5.5.2
Apache Tomcat 5.0.5
Apache Tomcat 5.0.28
Apache Tomcat 5.0.29
Apache Tomcat 4.1.33
Apache Tomcat 5.5.0
Apache Tomcat 4.1.1
Apache Tomcat 5.5.13
Apache Tomcat 6.0.1
Apache Tomcat 6.0.12
Apache Tomcat 5.5.24
Apache Tomcat 4.1.12
Apache Tomcat 4.1.28
Apache Tomcat 5.0.13
Apache Tomcat 6.0.18
Apache Tomcat 4.1.15
Apache Tomcat 4.1.3
Apache Tomcat 4.1.10
Apache Tomcat 5.5.8
Apache Tomcat 5.0.17
Apache Tomcat 5.5.16
Apache Tomcat 4.1.0
Apache Tomcat 6.0.5
Apache Tomcat 4.1.20
Apache Tomcat 3.1.1
Apache Tomcat 4.0.2
Apache Tomcat 5.5.17
Apache Tomcat 5.5.19
Apache Tomcat 4.0.5
Apache Tomcat 4.1.23
Apache Tomcat 4.0.0
Apache Tomcat 4.1.34
Apache Tomcat 5.0.4
Apache Tomcat 4.1.32
Apache Tomcat 3.2.3
Apache Tomcat 4.1.37
Apache Tomcat 6.0.2
Apache Tomcat 5.0.25
Apache Tomcat 6.0.13
Apache Tomcat 5.0.1
Apache Tomcat 3.2
Apache Tomcat 3.3.1
Apache Tomcat 5.0.11
Apache Tomcat 5.5.23
Apache Tomcat 4.1.6
Apache Tomcat 5.0.3
Apache Tomcat 5.0.24
Apache Tomcat 6.0.16
Apache Tomcat 3.3
Apache Tomcat 6.0.8
Apache Tomcat 5.0.12
2 EDB exploits available
3 Metasploit modules available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary
CVE-2023-6514
CVE-2023-45285
CVE-2023-42917
validation
log injection
CVE-2023-36655
CVE-2023-48849
CVE-2023-23397
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »