Description
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Remediation
References
Related Vulnerabilities
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Unspecified Vulnerability (2.6.4)
Joomla Other Vulnerability (CVE-2006-2960)
WordPress Plugin bbPress Cross-Site Scripting (2.5.8)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)