Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 3.2 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web s...
Apache Axis2 1.3
Apache Axis2 1.4
Apache Axis2 1.5.2
Apache Axis2 1.6
Apache Axis2 1.5
Apache Axis2 1.4.1
Apache Axis2 1.5.1
Sap Businessobjects 3.2
3 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1181 Github repositories
28 Articles
7.5
CVSSv2
CVE-2010-4367
awstats.cgi in AWStats prior to 7.0 accepts a configdir parameter in the URL, which allows remote malicious users to execute arbitrary commands via a crafted configuration file located on a (1) WebDAV server or (2) NFS server.
Awstats Awstats 6.3
Awstats Awstats 2.2.4
Awstats Awstats 6.5 1
Awstats Awstats 2.2.3
Awstats Awstats 6.0
Awstats Awstats 5.9
Awstats Awstats 5.2
Awstats Awstats 5.1
Awstats Awstats 6.2
Awstats Awstats 3.1
Awstats Awstats 6.5
Awstats Awstats 2.1.
Awstats Awstats 6.7
Awstats Awstats 6.1
Awstats Awstats 5.4
Awstats Awstats 5.3
Awstats Awstats 6.4
Awstats Awstats 6.4 1
Awstats Awstats 6.5 1.857
Awstats Awstats 4.1
Awstats Awstats 1.0
Awstats Awstats 5.8
1 EDB exploit
7.5
CVSSv2
CVE-2010-4368
awstats.cgi in AWStats prior to 7.0 on Windows accepts a configdir parameter in the URL, which allows remote malicious users to execute arbitrary commands via a crafted configuration file located at a UNC share pathname.
Awstats Awstats 6.4
Awstats Awstats 6.4 1
Awstats Awstats 2.2.3
Awstats Awstats 4.1
Awstats Awstats 5.9
Awstats Awstats 5.7
Awstats Awstats 5.0
Awstats Awstats
Awstats Awstats 3.0
Awstats Awstats 6.5
Awstats Awstats 2.1.
Awstats Awstats 6.5 1
Awstats Awstats 5.5
Awstats Awstats 5.4
Awstats Awstats 5.3
Awstats Awstats 5.2
Awstats Awstats 3.2
Awstats Awstats 6.2
Awstats Awstats 3.1
Awstats Awstats 6.3
Awstats Awstats 6.9
Awstats Awstats 6.6
7.5
CVSSv2
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 up to and including 6.0.20, 5.5.0 up to and including 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote malicious users to gain privileges.
Apache Tomcat 5.5.27
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.35
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 4.1.21
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
2 EDB exploits
6.8
CVSSv2
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5
Apache Tomcat
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
1 EDB exploit
6.8
CVSSv2
CVE-2003-0044
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x up to and including 3.3.1a allow remote malicious users to insert arbitrary web script or HTML.
Apache Tomcat 3.3
Apache Tomcat 3.3.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.1.1
Apache Tomcat 3.3.1a
Apache Tomcat 3.2
Apache Tomcat 3.2.1
5
CVSSv2
CVE-2006-3835
Apache Tomcat 5 prior to 5.5.17 allows remote malicious users to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Apache Tomcat 5.5.12
Apache Tomcat 5.5.7
Apache Tomcat 5.5.9
Apache Tomcat 5.0.28
Apache Tomcat 5.5.16
1 EDB exploit
5
CVSSv2
CVE-2005-0808
Apache Tomcat prior to 5.x allows remote malicious users to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
Apache Tomcat 3.2.1
Apache Tomcat 3.2.2
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.3.1a
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3
Apache Tomcat 3.3.1
5
CVSSv2
CVE-2003-0042
Jakarta Tomcat prior to 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote malicious users to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3.1
Apache Tomcat 3.2.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »