Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mortbay jetty 6.1.5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6672
Mortbay Jetty 6.1.5 and 6.1.6 allows remote malicious users to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
Mortbay Jetty Jetty 6.1.6
Mortbay Jetty Jetty 6.1.5
NA
CVE-2009-4612
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x up to and including 6.1.21 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) jspsnoop/, (2) jspsnoop/ERROR/, a...
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 6.1.15
Mortbay Jetty 6.1.14
Mortbay Jetty 6.1.11
Mortbay Jetty 6.1.4
Mortbay Jetty 6.1.10
Mortbay Jetty 6.1.6
Mortbay Jetty 6.1.21
Mortbay Jetty 6.1.2
Mortbay Jetty 6.1.1
Mortbay Jetty 6.1.3
Mortbay Jetty 6.1.8
Mortbay Jetty 6.1.20
Mortbay Jetty 6.1.16
Mortbay Jetty 6.1.7
Mortbay Jetty 6.1.19
Mortbay Jetty 6.1.9
1 EDB exploit
NA
CVE-2009-4609
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote malicious users to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrated by discovering the value of the getPathTranslated variable.
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 6.0.0
Mortbay Jetty 6.1.15
Mortbay Jetty 6.1.14
Mortbay Jetty 6.1.11
Mortbay Jetty 6.1.4
Mortbay Jetty 6.1.10
Mortbay Jetty 6.0.1
Mortbay Jetty 6.1.6
Mortbay Jetty 6.1.2
Mortbay Jetty 6.1.1
Mortbay Jetty 6.1.3
Mortbay Jetty 6.1.8
Mortbay Jetty 6.1.20
Mortbay Jetty 6.1.16
Mortbay Jetty 6.1.7
Mortbay Jetty 6.1.19
Mortbay Jetty 6.1.9
Mortbay Jetty 6.0.2
Mortbay Jetty 7.0.0
NA
CVE-2009-4610
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for ...
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 6.0.0
Mortbay Jetty 6.1.15
Mortbay Jetty 6.1.14
Mortbay Jetty 6.1.11
Mortbay Jetty 6.1.4
Mortbay Jetty 6.1.10
Mortbay Jetty 6.0.1
Mortbay Jetty 6.1.6
Mortbay Jetty 6.1.2
Mortbay Jetty 6.1.1
Mortbay Jetty 6.1.3
Mortbay Jetty 6.1.8
Mortbay Jetty 6.1.20
Mortbay Jetty 6.1.16
Mortbay Jetty 6.1.7
Mortbay Jetty 6.1.19
Mortbay Jetty 6.1.9
Mortbay Jetty 6.0.2
Mortbay Jetty 7.0.0
1 EDB exploit
NA
CVE-2009-4611
Mort Bay Jetty 6.x up to and including 6.1.22 and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request cont...
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 6.0.0
Mortbay Jetty 6.1.15
Mortbay Jetty 6.1.14
Mortbay Jetty 6.1.11
Mortbay Jetty 6.1.4
Mortbay Jetty 6.1.10
Mortbay Jetty 6.0.1
Mortbay Jetty 6.1.6
Mortbay Jetty 6.1.2
Mortbay Jetty 6.1.1
Mortbay Jetty 6.1.3
Mortbay Jetty 6.1.8
Mortbay Jetty 6.1.20
Mortbay Jetty 6.1.16
Mortbay Jetty 6.1.7
Mortbay Jetty 6.1.19
Mortbay Jetty 6.1.9
Mortbay Jetty 6.0.2
Mortbay Jetty 7.0.0
5.3
CVSSv3
CVE-2011-4461
Jetty 8.1.0.RC2 and previous versions computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters.
Oracle Sun Storage Common Array Manager 6.9.0
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 7.0.0
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
1 Article
NA
CVE-2009-1523
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x prior to 6.1.17, and 7.x up to and including 7.0.0.M2 allows remote malicious users to access arbitrary files via directory traversal sequences in the URI.
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 7.0.0
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
2 EDB exploits
NA
CVE-2009-1524
Cross-site scripting (XSS) vulnerability in Mort Bay Jetty prior to 6.1.17 allows remote malicious users to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
Mortbay Jetty 5.1.13
Mortbay Jetty 3.0.a95
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started