Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多家厂商WEB-INF目录内容远程泄露漏洞
Vulnerability Description
Sybase Enterprise Application Server、Oracle9i Application Server with OC4J、Orion Server、Macromedia/Allaire JRun、HP Application Server、Pramati Application Server和jo! Webserver多家厂商都实现Win32 servlet引擎机制。 这些Win32 servlet引擎在处理受限目录WEB-INF请求时不够正确,远程攻击者可以利用这个漏洞访问W
CVSS Information
N/A
Vulnerability Type
N/A