Vulnerabilities (CVE)

Vendor filter

Getahead Subscribe

Filter

4 total CVE
CVE Vendors Products Updated CVSS
CVE-2007-0185 1 Getahead 1 Direct Web Remoting 2017-07-29 5.0
Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch.
CVE-2007-0184 1 Getahead 1 Direct Web Remoting 2017-07-29 7.5
Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks.
CVE-2007-2377 1 Getahead 1 Direct Web Remoting 2009-02-20 5.0
The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through...
CVE-2006-6916 1 Getahead 1 Direct Web Remoting 2008-09-05 7.5
Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infinite loop) via unknown vectors related to "crafted input."