Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling of a buffer."
aff5b40d48b744669b49fa2cfee527fa3db07c7cb604fbe5b035e218c9052351
Croogo CMS versions 1.2 and below suffer from cross site scripting vulnerabilities.
054008374f67a42198fe905618f0d4efa6eff61cdcfebaf1673a45fc12275af7
SmartSiteCMS version 1.0 suffers from an authentication bypass flaw.
e927a990bec5622b0a189e1db3cc0f36a0014e8a1d1b2223d5673362cecf26e9
Jaws Glossary version 0.4 through 0.5.1 suffer from cross site scripting flaws.
e991bfb30f2a1a7245f48d2e163c87e0ac4bb872253d33e7407bbdf4b33c4c0b
JAWS 0.4 is susceptible to cross site scripting attacks.
1f2754d0d427690a698ac40193a59e7779144e5251a3d4993becc4679d6d47f6