Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache test vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-4094
The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default password for the ADMIN account, which makes it easier for remote malicious users to execute arbitrary code by leveraging access to the manager role. NOTE: this might overlap CVE-2009-354...
Ibm Rational Test Lab Manager
Ibm Rational Quality Manager
1 EDB exploit
7.5
CVSSv2
CVE-1999-0045
List of arbitrary files on Web host via nph-test-cgi script.
Netscape Communications Server 1.1
Apache Http Server 1.0.5
Apache Http Server 0.8.11
Netscape Enterprise Server 2.0a
Apache Http Server 1.0.2
Apache Http Server 1.1
Apache Http Server 1.0
Apache Http Server 1.0.3
Apache Http Server 0.8.14
Netscape Communications Server 1.12
Netscape Commerce Server 1.12
1 EDB exploit
5
CVSSv2
CVE-1999-0070
test-cgi program allows an malicious user to list files on the server.
Apache Http Server
1 EDB exploit
7.5
CVSSv2
CVE-2019-0187
Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests run...
Apache Jmeter 5.0
Apache Jmeter 4.0
7.5
CVSSv2
CVE-2018-1297
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
3 Github repositories
7.5
CVSSv2
CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
4.3
CVSSv2
CVE-2012-5650
Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB prior to 1.0.4, 1.1.x prior to 1.1.2, and 1.2.x prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.
Apache Couchdb 1.0.2
Apache Couchdb 1.1.0
Apache Couchdb 1.0.1
Apache Couchdb 1.0.0
Apache Couchdb 1.2.0
Apache Couchdb
Apache Couchdb 1.1.1
4.3
CVSSv2
CVE-2007-1355
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.23, and 6.0.0 up to and includin...
Apache Tomcat 4.0.4
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 6.0.6
Apache Tomcat 5.0.14
Apache Tomcat 4.1.24
Apache Tomcat 5.0.22
Apache Tomcat 5.0.7
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 5.0.9
Apache Tomcat 5.0.15
Apache Tomcat 5.0.30
Apache Tomcat 5.0.23
Apache Tomcat 5.0.2
Apache Tomcat 5.0.10
Apache Tomcat 5.0.21
Apache Tomcat 5.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 5.0.6
Apache Tomcat 6.0.9
1 EDB exploit
5
CVSSv2
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote malicious users to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examp...
Apache Tomcat 3.2.4
Apache Tomcat 3.2.3
3 EDB exploits
7.5
CVSSv2
CVE-2017-7676
Policy resource matcher in Apache Ranger prior to 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.
Apache Ranger
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »