| Max CVSS | 4.3 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4172 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to s
|
13-02-2023 - 04:28 | 26-11-2010 - 20:00 | |
| CVE-2010-3718 | 1.2 |
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as
|
13-02-2023 - 04:25 | 10-02-2011 - 18:00 | |
| CVE-2011-0013 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the displ
|
13-02-2023 - 01:18 | 19-02-2011 - 01:00 |