Author: Mark Thomas

Country:

Reported research: 28

Advisories

Risk	Topic & Details
High	Apache Tomcat JK ISAPI Connector 1.2.41 Buffer Overflow (CVE assigned) Remote \| 2016-10-12
High	Apache Tomcat Authentication bypass and information disclosure (CVE assigned) Remote \| 2011-09-01
Med.	Apache Tomcat security constraint bypass (CVE assigned) Remote \| 2011-05-24
Med.	Apache Tomcat 7.0.11 information disclosure (CVE assigned) Remote \| 2011-04-11
Low	Apache Tomcat Manager XSS vulnerability (CVE assigned) Remote \| 2011-02-22
Med.	Apache Tomcat 6.0.26 5.5.29 information disclosure vulnerability (CVE assigned) Remote \| 2010-04-27
Med.	Apache Tomcat 6.0.20 and 5.5.28 unexpected file deletion in work directory (CVE assigned) Remote \| 2010-01-29
Med.	Apache Tomcat 6.0.20 and 5.5.28 insecure partial deploy after failed undeploy (CVE assigned) Remote \| 2010-01-29
Med.	Apache Tomcat 6.0.20 and 5.5.28 unexpected file deletion and/or alteration (CVE assigned) Remote \| 2010-01-29
High	Apache Tomcat Windows Installer insecure default administrative password (CVE assigned) Remote \| 2009-11-16
Low	Apache Tomcat Information disclosure (CVE assigned) Local \| 2009-06-08
Low	Apache Tomcat User enumeration vulnerability with FORM authentication (CVE assigned) Remote \| 2009-06-08
Med.	Apache Tomcat DoS when using Java AJP connector (CVE assigned) Remote \| 2009-06-08
Med.	Spring Framework Remote Denial of Service Vulnerability (CVE assigned) Remote \| 2009-04-29
Low	Apache Tomcat mod_jk information disclosure vulnerability (CVE assigned) Remote \| 2009-04-13
Low	XSS in Apache Tomcat examples web application (CVE assigned) Remote \| 2009-03-13
Med.	Tomcat information disclosure vulnerability (CVE assigned) Remote \| 2009-03-01
Low	Apache Tomcat information disclosure (CVE assigned) Remote \| 2008-10-14
Low	Tomcat host-manager XSS vulnerability (CVE assigned) Remote \| 2008-06-03
Med.	Tomcat information disclosure vulnerability (CVE assigned) Remote \| 2008-02-12
Med.	Tomcat duplicate request processing vulnerability (CVE assigned) Remote \| 2008-02-12
Low	Tomcat Cookie handling vulnerabilities (CVE assigned) Remote \| 2008-02-12
Low	Handling of \" in cookies (CVE assigned) Remote \| 2007-08-15
Low	XSS in Host Manager (CVE assigned) Remote \| 2007-08-15
Low	XSS in Tomcat send mail example (CVE assigned) Remote \| 2007-07-25
Low	Apache Tomcat XSS vulnerability in Manager (CVE assigned) Remote \| 2007-06-22
Low	Apache Tomcat XSS vulnerabilities in the JSP examples (CVE assigned) Remote \| 2007-06-17
Low	Tomcat documentation XSS vulnerabilities (CVE assigned) Remote \| 2007-05-22

Author: Mark Thomas

Country:

Reported research: 28

Advisories

High

Apache Tomcat JK ISAPI Connector 1.2.41 Buffer Overflow (CVE assigned)

Remote | 2016-10-12

High

Apache Tomcat Authentication bypass and information disclosure (CVE assigned)

Remote | 2011-09-01

Med.

Apache Tomcat security constraint bypass (CVE assigned)

Remote | 2011-05-24

Med.

Apache Tomcat 7.0.11 information disclosure (CVE assigned)

Remote | 2011-04-11

Low

Apache Tomcat Manager XSS vulnerability (CVE assigned)

Remote | 2011-02-22

Med.

Apache Tomcat 6.0.26 5.5.29 information disclosure vulnerability (CVE assigned)

Remote | 2010-04-27

Med.

Apache Tomcat 6.0.20 and 5.5.28 unexpected file deletion in work directory (CVE assigned)

Remote | 2010-01-29

Med.

Apache Tomcat 6.0.20 and 5.5.28 insecure partial deploy after failed undeploy (CVE assigned)

Remote | 2010-01-29

Med.

Apache Tomcat 6.0.20 and 5.5.28 unexpected file deletion and/or alteration (CVE assigned)

Remote | 2010-01-29

High

Apache Tomcat Windows Installer insecure default administrative password (CVE assigned)

Remote | 2009-11-16

Low

Apache Tomcat Information disclosure (CVE assigned)

Local | 2009-06-08

Low

Apache Tomcat User enumeration vulnerability with FORM authentication (CVE assigned)

Remote | 2009-06-08

Med.

Apache Tomcat DoS when using Java AJP connector (CVE assigned)

Remote | 2009-06-08

Med.

Spring Framework Remote Denial of Service Vulnerability (CVE assigned)

Remote | 2009-04-29

Low

Apache Tomcat mod_jk information disclosure vulnerability (CVE assigned)

Remote | 2009-04-13

Low

XSS in Apache Tomcat examples web application (CVE assigned)

Remote | 2009-03-13

Med.

Tomcat information disclosure vulnerability (CVE assigned)

Remote | 2009-03-01

Low

Apache Tomcat information disclosure (CVE assigned)

Remote | 2008-10-14

Low

Tomcat host-manager XSS vulnerability (CVE assigned)

Remote | 2008-06-03

Med.

Tomcat information disclosure vulnerability (CVE assigned)

Remote | 2008-02-12

Med.

Tomcat duplicate request processing vulnerability (CVE assigned)

Remote | 2008-02-12

Low

Tomcat Cookie handling vulnerabilities (CVE assigned)

Remote | 2008-02-12

Low

Handling of \" in cookies (CVE assigned)

Remote | 2007-08-15

Low

XSS in Host Manager (CVE assigned)

Remote | 2007-08-15

Low

XSS in Tomcat send mail example (CVE assigned)

Remote | 2007-07-25

Low

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)