Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 6.0.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1502
Liferay Portal Community Edition (CE) 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to read arbitrary files via an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.
Liferay Liferay Portal
NA
CVE-2011-1503
The XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat or Oracle GlassFish is used, allows remote authenticated users to read arbitrary (1) XSL and (2) XML files via a file:/// URL.
Liferay Liferay Portal
NA
CVE-2011-1570
Cross-site scripting (XSS) vulnerability in Liferay Portal Community Edition (CE) 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote authenticated users to inject arbitrary web script or HTML via a message title, a different vulnerability than CVE-2004-2030.
Liferay Liferay Portal
NA
CVE-2011-1571
Unspecified vulnerability in the XSL Content portlet in Liferay Portal Community Edition (CE) 5.x and 6.x prior to 6.0.6 GA, when Apache Tomcat is used, allows remote malicious users to execute arbitrary commands via unknown vectors.
Liferay Liferay Portal
1 EDB exploit
1 Github repository
NA
CVE-2011-0013
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 prior to 5.5.32, 6.0 prior to 6.0.30, and 7.0 prior to 7.0.6 allow remote malicious users to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
NA
CVE-2010-3718
Apache Tomcat 7.0.0 up to and including 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated usin...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.0
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
Apache Tomcat 6.0.1
Apache Tomcat 6.0.12
1 Github repository
NA
CVE-2011-0534
Apache Tomcat 7.0.0 up to and including 7.0.6 and 6.0.0 up to and including 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote malicious users to cause a denial of service (OutOfMemoryError) via a crafted request...
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 6.0.15
Apache Tomcat 6.0.20
Apache Tomcat 6.0.10
Apache Tomcat 6.0.29
Apache Tomcat 6.0.3
Apache Tomcat 6.0.9
Apache Tomcat 6.0.24
Apache Tomcat 6.0.17
Apache Tomcat 6.0.28
Apache Tomcat 6.0.0
Apache Tomcat 6.0.14
NA
CVE-2010-4312
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to hijack a session via script access to a cookie.
Apache Tomcat 6.0.15
Apache Tomcat 6.0
Apache Tomcat 6.0.28
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.2
Apache Tomcat 6.0.26
Apache Tomcat 6.0.19
Apache Tomcat 6.0.16
Apache Tomcat 6.0.14
Apache Tomcat 6.0.6
Apache Tomcat 6.0.1
Apache Tomcat 6.0.0
Apache Tomcat 6.0.13
Apache Tomcat 6.0.24
Apache Tomcat 6.0.9
Apache Tomcat 6.0.29
Apache Tomcat 6.0.4
Apache Tomcat 6.0.3
Apache Tomcat 6.0.10
Apache Tomcat 6.0.20
Apache Tomcat 6.0.7
NA
CVE-2010-2227
Apache Tomcat 5.5.0 up to and including 5.5.29, 6.0.0 up to and including 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote malicious users to cause a denial of service (application outage) or obtain sensitive information via...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.9
Apache Tomcat 5.5.25
Apache Tomcat 5.5.2
Apache Tomcat 5.5.0
NA
CVE-2010-1157
Apache Tomcat 5.5.0 up to and including 5.5.29 and 6.0.0 up to and including 6.0.26 might allow remote malicious users to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading t...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.9
Apache Tomcat 5.5.25
Apache Tomcat 5.5.2
Apache Tomcat 5.5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »