Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache tomcat 5.0.21 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2006-7195
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 up to and including 5.0.30 and 5.5.0 up to and including 5.5.17 allows remote malicious users to inject arbitrary web script or HTML via certain header values.
Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.7Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 5.0.0Apache Tomcat 5.0.27Apache Tomcat 5.0.16Apache Tomcat 5.5.9
2.6
CVSSv2
CVE-2007-1858
The default SSL cipher configuration in Apache Tomcat 4.1.28 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote malicious users to obtain sensitive i...
Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 5.0.0Apache Tomcat 4.1.31
4.3
CVSSv2
CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.31, 5.0.0 up to and including 5.0.30, and 5.5.0 up to and including 5.5.15 allows remote malicious users to inject arbitrar...
Apache Tomcat 4.0.4Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.9Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.5.5Apache Tomcat 5.0.10
4.3
CVSSv2
CVE-2007-1355
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.23, and 6.0.0 up to and includin...
Apache Tomcat 4.0.4Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 6.0.6Apache Tomcat 5.0.14Apache Tomcat 4.1.24Apache Tomcat 5.0.22Apache Tomcat 5.0.7Apache Tomcat 6.0.7Apache Tomcat 6.0.4Apache Tomcat 5.0.9Apache Tomcat 5.0.15Apache Tomcat 5.0.30Apache Tomcat 5.0.23Apache Tomcat 5.0.2Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 6.0.10Apache Tomcat 6.0.3Apache Tomcat 5.0.6Apache Tomcat 6.0.9
4.3
CVSSv2
CVE-2007-2449
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.24, and 6.0.0 up to and inc...
Apache Tomcat 4.0.4Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 6.0.4Apache Tomcat 5.5.6Apache Tomcat 5.0.9Apache Tomcat 5.0.15Apache Tomcat 5.0.30
3.5
CVSSv2
CVE-2007-2450
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.24, and 6.0.0 up to and...
Apache Tomcat 4.1.2Apache Tomcat 4.0.4Apache Tomcat 4.1.36Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 4.1.24Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 6.0.4
4.3
CVSSv2
CVE-2007-3382
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote malicious users to cond...
Apache Tomcat 4.1.2Apache Tomcat 4.1.36Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 4.1.24Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 6.0.4Apache Tomcat 5.5.6
4.3
CVSSv2
CVE-2007-3385
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable se...
Apache Tomcat 4.1.2Apache Tomcat 4.1.36Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 4.1.24Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 6.0.4Apache Tomcat 5.5.6
6.8
CVSSv2
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache Tomcat 3.1Apache Tomcat 4.1.2Apache Tomcat 4.0.4Apache Tomcat 4.1.36Apache Tomcat 3.2.1Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5Apache TomcatApache Tomcat 5.0.19Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 4.1.24Apache Tomcat 3.2.2Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.0.7
7.5
CVSSv2
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 up to and including 6.0.20, 5.5.0 up to and including 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote malicious users to gain privileges.
Apache Tomcat 5.5.27Apache Tomcat 3.1Apache Tomcat 4.1.2Apache Tomcat 4.0.4Apache Tomcat 4.1.35Apache Tomcat 4.1.36Apache Tomcat 3.2.1Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 4.1.21Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 4.1.24Apache Tomcat 3.2.2Apache Tomcat 5.5.10Apache Tomcat 5.0.22Apache Tomcat 5.5.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook