

Title Apache Tomcat JSP Example Web Applications Cross Site Scripting Vulnerability
Published 2007-06-14-12:00AM
Updated 2007-06-15-03:50AM
Class Input Validation Error
CVE   CVE-2007-2449
Remote  Yes
Local  No
Credit  These issues were discovered by an unknown security researcher and reported to JPCERT.
Vulnerable  Apache Tomcat 6.0.13
Apache Tomcat 6.0.12
Apache Tomcat 6.0.11
Apache Tomcat 6.0.10
Apache Tomcat 6.0.1
Apache Tomcat 5.5.24
Apache Tomcat 5.5.23
Apache Tomcat 5.5.22
Apache Tomcat 5.5.21
Apache Tomcat 5.5.20
Apache Tomcat 5.5.19
Apache Tomcat 5.5.18
Apache Tomcat 5.5.17
Apache Tomcat 5.5.16
Apache Tomcat 5.5.15
Apache Tomcat 5.5.14
Apache Tomcat 5.5.13
Apache Tomcat 5.5.12
Apache Tomcat 5.5.11
Apache Tomcat 5.5.10
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.7
Apache Tomcat 5.5.6
Apache Tomcat 5.5.5
Apache Tomcat 5.5.4
Apache Tomcat 5.5.3
Apache Tomcat 5.5.2
Apache Tomcat 5.5.1
Apache Tomcat 5.5
Apache Tomcat 5.0.30
Apache Tomcat 5.0.16
Apache Tomcat 5.0.15
Apache Tomcat 5.0.14
Apache Tomcat 5.0.13
Apache Tomcat 5.0.12
Apache Tomcat 5.0.11
Apache Tomcat 5.0.10
Apache Tomcat 5.0.3
Apache Tomcat 5.0.2
Apache Tomcat 5.0.1
Apache Tomcat 4.1.36
Apache Tomcat 4.1
Apache Tomcat 4.0.6
Apache Tomcat 4.0.5
Apache Tomcat 4.0.4
Apache Tomcat 4.0.3
Apache Tomcat 4.0.2
Apache Tomcat 4.0.1
Apache Tomcat 4.0
Apache Tomcat 5.0
Not Vulnerable  
Code   To exploit this issue, an attacker must entice an unsuspecting victim into following a malicious URI.

The following proof-of-concept URI is available:

http://www.example.com/jsp-examples/snp/snoop.jsp;[xss]
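
A defender-side check for the request shape shown in the proof-of-concept URI, given here as an added example that is not part of the original advisory: it scans access-log lines for requests under /jsp-examples/ whose ";" path parameter decodes to HTML markup characters, while leaving ordinary ";jsessionid=" parameters alone. The log format, the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside an access-log entry (common/combined format assumed).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Characters that let a reflected value break out of HTML text or attributes.
MARKUP_CHARS = set('<>"\'')

def decode_fully(value, rounds=3):
    """Percent-decode several times so double-encoded input is also seen."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def suspicious_path_params(uri, prefix="/jsp-examples/"):
    """Return decoded ';' path parameters that contain markup characters."""
    path = uri.split("?", 1)[0]
    if not path.startswith(prefix):
        return []
    hits = []
    for segment in path.split("/"):
        # Everything after the first ';' in a segment is path-parameter data.
        _, sep, params = segment.partition(";")
        if not sep:
            continue
        decoded = decode_fully(params)
        if MARKUP_CHARS & set(decoded):
            hits.append(decoded)
    return hits

def scan(lines):
    """Yield (uri, hits) for each log line that deserves review."""
    for line in lines:
        m = REQUEST_RE.search(line)
        hits = suspicious_path_params(m.group(1)) if m else []
        if hits:
            yield m.group(1), hits

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Jun/2007:12:00:01 +0000] "GET /jsp-examples/snp/snoop.jsp;jsessionid=0123ABCD HTTP/1.1" 200 2210',
    '192.0.2.11 - - [14/Jun/2007:12:00:05 +0000] "GET /jsp-examples/snp/snoop.jsp;%3Cb%3Etest HTTP/1.1" 200 2304',
    '192.0.2.12 - - [14/Jun/2007:12:00:09 +0000] "GET /jsp-examples/snp/snoop.jsp;%253Ci%253E HTTP/1.1" 200 2290',
    '192.0.2.13 - - [14/Jun/2007:12:00:12 +0000] "GET /docs/index.html HTTP/1.1" 200 9120',
]

if __name__ == "__main__":
    for uri, hits in scan(SAMPLE_LOG):
        print(uri, hits)
```
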
Copyright 2007, SecurityDot
Fri, 11 Dec 2009 22:49:40 +0000
