Exploit Apache Tomcat 3.2.3/3.2.4 - 'Source.jsp' Information Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21490
Проверка EDB
  1. Пройдено
Автор
RICHARD BRAIN
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
cve-2002-2007
Дата публикации
2002-05-29
Код:
source: https://www.securityfocus.com/bid/4876/info

Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation.

Under some circumstances, Tomcat may yield sensitive information about the web server configuration. When the source.jsp page is passed a malformed request, it may leak information. This information may include the web root directory, and possibly a directory listing.

http://example.com:80/examples/jsp/source.jsp??
http://example.com:80/examples/jsp/source.jsp?/jsp/
 
Источник
www.exploit-db.com

Похожие темы