High severityNVD Advisory· Published Jan 12, 2007· Updated Apr 23, 2026
CVE-2007-0184
CVE-2007-0184
Description
Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to public methods via a crafted request that bypasses the include/exclude checks.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.directwebremoting:dwrMaven | < 1.1.4 | 1.1.4 |
Affected products
8cpe:2.3:a:getahead:direct_web_remoting:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:getahead:direct_web_remoting:*:*:*:*:*:*:*:*range: <=1.1.3
- cpe:2.3:a:getahead:direct_web_remoting:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:getahead:direct_web_remoting:1.1.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- secunia.com/advisories/23641nvdVendor Advisory
- github.com/advisories/GHSA-384c-gg34-g96hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2007-0184ghsaADVISORY
- lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlnvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/31377nvdWEB
- getahead.ltd.uk/dwr/changelognvd
- osvdb.org/32657nvd
- www.securityfocus.com/bid/21955nvd
- www.vupen.com/english/advisories/2007/0095nvd
News mentions
0No linked articles in our index yet.