Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Tomcat Source.JSP畸形请求导致信息泄露漏洞
Vulnerability Description
Apache Tomcat是一款由Apache Foundation维护的免费开放源代码的Web服务器程序。 Apache Tomcat中的realPath.jsp对用户提交的请求处理存在漏洞,可导致远程攻击者获得系统路径相关的信息。 Apache Tomcat安装后会提供在Web目录下建立test目录,并提供几个样例脚本,其中包括Source.JSP,攻击者可以直接请求Source.JSP,导致脚本返回Web目录安装路径信息。
CVSS Information
N/A
Vulnerability Type
N/A