Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

apache tomcat 5.0.19 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2

CVE-2005-2090

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content...
Apache Tomcat 4.1.24Apache Tomcat 5.0.19
4.3
CVSSv2

CVE-2006-7195

Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 up to and including 5.0.30 and 5.5.0 up to and including 5.5.17 allows remote malicious users to inject arbitrary web script or HTML via certain header values.
Apache Tomcat 5.0.0Apache Tomcat 5.0.1Apache Tomcat 5.0.2Apache Tomcat 5.0.10Apache Tomcat 5.0.11Apache Tomcat 5.0.12Apache Tomcat 5.0.13Apache Tomcat 5.0.14Apache Tomcat 5.0.15Apache Tomcat 5.0.16Apache Tomcat 5.0.17Apache Tomcat 5.0.18
2.6
CVSSv2

CVE-2007-1858

The default SSL cipher configuration in Apache Tomcat 4.1.28 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote malicious users to obtain sensitive i...
Apache Tomcat 4.1.28Apache Tomcat 4.1.31Apache Tomcat 5.0.0Apache Tomcat 5.0.1Apache Tomcat 5.0.2Apache Tomcat 5.0.10Apache Tomcat 5.0.11Apache Tomcat 5.0.12Apache Tomcat 5.0.13Apache Tomcat 5.0.14Apache Tomcat 5.0.15Apache Tomcat 5.0.16
4.3
CVSSv2

CVE-2006-7196

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.15 allows remote malicious users to inject arbitrar...
Apache TomcatApache Tomcat 4.0.0Apache Tomcat 4.0.1Apache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 4.0.6Apache Tomcat 5.0.0Apache Tomcat 5.0.1Apache Tomcat 5.0.2Apache Tomcat 5.0.3
4.3
CVSSv2

CVE-2007-1355

Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.23, and 6.0.0 up to and includin...
Apache Tomcat 4.0.0Apache Tomcat 4.0.1Apache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 4.0.6Apache Tomcat 4.1.10Apache Tomcat 4.1.15Apache Tomcat 4.1.24Apache Tomcat 4.1.28Apache Tomcat 4.1.31
4.3
CVSSv2

CVE-2007-2449

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.24, and 6.0.0 up to and inc...
Apache TomcatApache Tomcat 4.0.0Apache Tomcat 4.0.1Apache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 5.0.0Apache Tomcat 5.0.1Apache Tomcat 5.0.2Apache Tomcat 5.0.3Apache Tomcat 5.0.4
3.5
CVSSv2

CVE-2007-2450

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.24, and 6.0.0 up to and...
Apache Tomcat 4.0.0Apache Tomcat 4.0.1Apache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 4.0.6Apache Tomcat 4.1.0Apache Tomcat 4.1.1Apache Tomcat 4.1.2Apache Tomcat 4.1.3Apache Tomcat 4.1.9
4.3
CVSSv2

CVE-2007-3385

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable se...
Apache Tomcat 3.3Apache Tomcat 3.3.1Apache Tomcat 3.3.1aApache Tomcat 3.3.2Apache Tomcat 4.1.0Apache Tomcat 4.1.1Apache Tomcat 4.1.2Apache Tomcat 4.1.3Apache Tomcat 4.1.9Apache Tomcat 4.1.10Apache Tomcat 4.1.15Apache Tomcat 4.1.24
4.3
CVSSv2

CVE-2007-3382

Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote malicious users to cond...
Apache Tomcat 3.3Apache Tomcat 3.3.1Apache Tomcat 3.3.1aApache Tomcat 3.3.2Apache Tomcat 4.1.0Apache Tomcat 4.1.1Apache Tomcat 4.1.2Apache Tomcat 4.1.3Apache Tomcat 4.1.9Apache Tomcat 4.1.10Apache Tomcat 4.1.15Apache Tomcat 4.1.24
6.8
CVSSv2

CVE-2013-6357

Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache TomcatApache Tomcat 1.1.3Apache Tomcat 3.0Apache Tomcat 3.1Apache Tomcat 3.1.1Apache Tomcat 3.2Apache Tomcat 3.2.1Apache Tomcat 3.2.2Apache Tomcat 3.2.3Apache Tomcat 3.2.4Apache Tomcat 3.3Apache Tomcat 3.3.1
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
type confusionunspecifiedCVE-2025-24200reflected XSSpanelCVE-2024-12549temporal technologies, inc.CVE-2024-21971CVE-2024-57777CVE-2023-31122CVE-2025-0909winzip computingunified secops platform
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook