Vulnerabilities > Apache > Tomcat > 6.0.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-12 | CVE-2008-0002 | Remote Information Disclosure vulnerability in Apache Tomcat Parameter Processing Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception. network apache | 5.8 |
2007-08-14 | CVE-2007-3386 | Cross-Site Scripting vulnerability in Apache Tomcat Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action. | 4.3 |