Vulnerability Database
290,301
Total vulnerabilities in the database
CVE-2007-0184
Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks.
| Software | From | Fixed in |
|---|---|---|
| getahead / direct_web_remoting | 1.0 | 1.0.x |
| getahead / direct_web_remoting | 0.8 | 0.8.x |
| getahead / direct_web_remoting | 1.1.2 | 1.1.2.x |
| getahead / direct_web_remoting | 1.1.0 | 1.1.0.x |
| getahead / direct_web_remoting | 0.9 | 0.9.x |
| getahead / direct_web_remoting | 0.7 | 0.7.x |
| getahead / direct_web_remoting | 1.1.1 | 1.1.1.x |
| getahead / direct_web_remoting | - | 1.1.3.x |
org.directwebremoting / dwr
|
- | 1.1.4 |
- http://getahead.ltd.uk/dwr/changelog
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
- http://osvdb.org/32657
- http://secunia.com/advisories/23641
- http://www.securityfocus.com/bid/21955
- http://www.vupen.com/english/advisories/2007/0095
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31377