Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache activemq 5.2.0 vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x prior to 5.3.2 and 5.4.x prior to 5.4.0 allows remote malicious users to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
Apache Activemq 5.3.0
Apache Activemq 5.3.1
Apache Activemq 5.0.0
Apache Activemq 5.4-snapshot
Apache Activemq 5.1.0
Apache Activemq 5.2.0
1 EDB exploit
383
VMScore
CVE-2013-1880
Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ prior to 5.9.0 allows remote malicious users to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerabi...
Apache Activemq 5.6.0
Apache Activemq 5.5.1
Apache Activemq 5.3.0
Apache Activemq 5.2.0
Apache Activemq
Apache Activemq 5.7.0
Apache Activemq 5.3.2
Apache Activemq 5.3.1
Apache Activemq 5.5.0
Apache Activemq 5.4.2
Apache Activemq 5.1.0
Apache Activemq 5.0.0
Apache Activemq 5.4.1
Apache Activemq 5.4.0
383
VMScore
CVE-2013-1879
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via vectors involving the "cron of a message."
Apache Activemq 5.5.0
Apache Activemq 5.5.1
Apache Activemq 5.0.0
Apache Activemq 5.3.0
Apache Activemq 5.4.2
Apache Activemq 5.2.0
Apache Activemq 5.3.1
Apache Activemq 5.6.0
Apache Activemq 5.3.2
Apache Activemq 5.1.0
Apache Activemq 5.7.0
Apache Activemq
Apache Activemq 5.4.1
Apache Activemq 5.4.0
445
VMScore
CVE-2012-6551
The default configuration of Apache ActiveMQ prior to 5.8.0 enables a sample web application, which allows remote malicious users to cause a denial of service (broker resource consumption) via HTTP requests.
Apache Activemq 5.4.0
Apache Activemq 5.3.2
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 5.4.2
Apache Activemq 5.4.1
Apache Activemq 4.1.1
Apache Activemq 4.1.0
Apache Activemq
Apache Activemq 5.6.0
Apache Activemq 5.3.1
Apache Activemq 5.3.0
Apache Activemq 4.0
Apache Activemq 5.5.1
Apache Activemq 5.5.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 5.0.0
383
VMScore
CVE-2012-6092
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ prior to 5.8.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publi...
Apache Activemq 5.3.0
Apache Activemq 4.1.0
Apache Activemq 5.4.0
Apache Activemq 5.5.1
Apache Activemq 5.4.1
Apache Activemq 5.3.1
Apache Activemq 5.2.0
Apache Activemq 5.0.0
Apache Activemq 4.0
Apache Activemq 4.0.2
Apache Activemq
Apache Activemq 4.0.1
Apache Activemq 5.1.0
Apache Activemq 5.5.0
Apache Activemq 5.3.2
Apache Activemq 4.1.1
Apache Activemq 5.6.0
Apache Activemq 5.4.2
570
VMScore
CVE-2013-3060
The web console in Apache ActiveMQ prior to 5.8.0 does not require authentication, which allows remote malicious users to obtain sensitive information or cause a denial of service via HTTP requests.
Apache Activemq 5.4.0
Apache Activemq 5.3.2
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 5.4.2
Apache Activemq 5.4.1
Apache Activemq 4.1.1
Apache Activemq 4.1.0
Apache Activemq
Apache Activemq 5.6.0
Apache Activemq 5.3.1
Apache Activemq 5.3.0
Apache Activemq 4.0
Apache Activemq 5.5.1
Apache Activemq 5.5.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 5.0.0
384
VMScore
CVE-2014-8110
Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x prior to 5.10.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Apache Activemq 5.3.0
Apache Activemq 5.8.0
Apache Activemq 5.4.3
Apache Activemq 5.4.0
Apache Activemq 5.5.1
Apache Activemq 5.4.1
Apache Activemq 5.9.0
Apache Activemq 5.3.1
Apache Activemq 5.2.0
Apache Activemq 5.7.0
Apache Activemq 5.0.0
Apache Activemq 5.10.0
Apache Activemq 5.1.0
Apache Activemq 5.5.0
Apache Activemq 5.3.2
Apache Activemq 5.9.1
Apache Activemq 5.6.0
Apache Activemq 5.4.2
312
VMScore
CVE-2010-0684
Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ prior to 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
Apache Activemq
Apache Activemq 4.0.1
Apache Activemq 4.0
Apache Activemq 3.0
Apache Activemq 2.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 2.1
Apache Activemq 1.5
Apache Activemq 4.1.0
Apache Activemq 4.0.2
Apache Activemq 3.2
Apache Activemq 3.1
Apache Activemq 1.1
Apache Activemq 5.0.0
Apache Activemq 4.1.1
Apache Activemq 3.2.2
Apache Activemq 3.2.1
Apache Activemq 1.4
Apache Activemq 1.3
Apache Activemq 1.2
605
VMScore
CVE-2010-1244
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ prior to 5.3.1 allows remote malicious users to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
Apache Activemq
Apache Activemq 5.2.0
Apache Activemq 4.0
Apache Activemq 5.1.0
Apache Activemq 5.0.0
Apache Activemq 3.2.2
Apache Activemq 1.5
Apache Activemq 1.4
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 3.1
Apache Activemq 3.0
Apache Activemq 4.1.1
Apache Activemq 4.1.0
Apache Activemq 3.2.1
Apache Activemq 3.2
Apache Activemq 1.3
Apache Activemq 1.2
Apache Activemq 1.1
Apache Activemq 2.0
Apache Activemq 2.1
510
VMScore
CVE-2015-1830
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x prior to 5.11.2 for Windows allows remote malicious users to create JSP files in arbitrary directories via unspecified vectors.
Apache Activemq 5.0.0
Apache Activemq 5.1.0
Apache Activemq 5.2.0
Apache Activemq 5.3.0
Apache Activemq 5.3.1
Apache Activemq 5.3.2
Apache Activemq 5.4.0
Apache Activemq 5.4.1
Apache Activemq 5.4.2
Apache Activemq 5.4.3
Apache Activemq 5.5.0
Apache Activemq 5.5.1
Apache Activemq 5.6.0
Apache Activemq 5.7.0
Apache Activemq 5.8.0
Apache Activemq 5.9.0
Apache Activemq 5.9.1
Apache Activemq 5.10.0
Apache Activemq 5.10.1
Apache Activemq 5.10.2
Apache Activemq 5.11.0
Apache Activemq 5.11.1
2 EDB exploits
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »