CVE-2007-2090
published 2007-04-18CVE-2007-2090: Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg…
PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.67%
73.8th percentile
Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tumusika_evolution | tumusika_evolution | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
A number of tomcat issues
bugzilla·2007-05-09·CVSS 5.0
CVE-2005-3164 [MEDIUM] A number of tomcat issues
A number of tomcat issues
A number of issues affected tomcat 4.0.6 as distributed with Stronghold. Most
of these are minor severity, all need triaging:
http://tomcat.apache.org/security-4.html
Information disclosure CVE-2005-3164
Information disclosure CVE-2005-2090
Directory traversal CVE-2007-0450
Cross-site scripting CVE-2007-1358
Cross-site scripting CVE-2006-7196
Directory listing CVE-2006-3835
Cross-site scripting CVE-2005-4838
Denial of service CVE-2005-3510
Denial of service CVE-2003-0866
Information disclosure CVE-2002-2006
Discussion:
closing; Stronghold has reached end of life.
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)
bugzilla·2007-04-30·CVSS 4.3
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)
A number of flaws affect the version of Tomcat5 shipped with RHAPS-EL3 (last
updated in RHSA-2006:0592 to 5.0.28). Please see linked bugs for details.
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0340.html
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835)
bugzilla·2007-04-19·CVSS 4.3
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835)
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835)
A number of flaws affect the version of Tomcat5 shipped with RHAPS2 (last
updated in RHSA-2006:0161 to 5.5.12). Please see linked bugs for details.
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0326.html
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
bugzilla·2007-04-19·CVSS 4.3
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
A number of flaws affect the version of Tomcat5 shipped with RHDS3. Please see
linked bugs for details.
Discussion:
Run manually:
http://yakko.test.redhat.com/run.php?runid=14719
http://yakko.test.redhat.com/run.php?runid=14720
---
Thanks Mark.
Vivek, Can you check those test runs and sign off on the changes as required.
Thanks.
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0328.html
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
bugzilla·2007-04-19·CVSS 4.3
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
A number of flaws affect the version of Tomcat5 shipped with RHEL5. Please see
linked bugs for details.
Discussion:
The fix had already been merged to the RHEL-5 branch and tagged. The
corresponding backports were made to the 5.0.z branch and shipped as part of
http://rhn.redhat.com/errata/RHSA-2007-0327.html.
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
bugzilla·2007-04-19·CVSS 4.3
CVE-2005-2090 [MEDIUM] CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195)
+++ This bug was initially created as a clone of Bug #237088 +++ for EUS
A number of flaws affect the version of Tomcat5 shipped with RHEL5. Please see
linked bugs for details.
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0327.html
http://secunia.com/advisories/24874http://securityreason.com/securityalert/2585http://www.securityfocus.com/archive/1/465515/100/0/threadedhttp://www.vupen.com/english/advisories/2007/1374https://exchange.xforce.ibmcloud.com/vulnerabilities/33593http://secunia.com/advisories/24874http://securityreason.com/securityalert/2585http://www.securityfocus.com/archive/1/465515/100/0/threadedhttp://www.vupen.com/english/advisories/2007/1374https://exchange.xforce.ibmcloud.com/vulnerabilities/33593
2007-04-18
Published