Max CVSS 9.3 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2007-5461 3.5
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write reque
25-03-2019 - 11:29 15-10-2007 - 18:17
CVE-2008-0002 5.8
Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting dur
15-10-2018 - 21:56 12-02-2008 - 01:00
CVE-2007-6306 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) chart name or (2) chart tool tip text; or the (3) href, (4) shape, or (5) coord
15-10-2018 - 21:51 11-12-2007 - 21:46
CVE-2007-4575 9.3
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
29-09-2017 - 01:29 06-12-2007 - 02:46
CVE-2008-3273 5.0
JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by
08-08-2017 - 01:31 10-08-2008 - 20:41
CVE-2008-1285 4.3
Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
08-08-2017 - 01:30 11-03-2008 - 17:44
CVE-2007-6433 7.5
The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter.
08-03-2011 - 03:02 18-12-2007 - 20:46
Back to Top Mark selected
Back to Top