Lucene search
K

26 matches found

GithubExploit
GithubExploit
added 2026/05/09 5:48 p.m.103 views

Exploit for CVE-2020-1938

Ghostcat - CVE-2020-1938 Exploit Lee archivos del Tomcat via AJP...

9.8CVSS7AI score0.9927EPSS
Exploits45
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-1485

Malware in sbrugna...

5.2CVSS6.4AI score0.00369EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:37 a.m.3 views

SUSE CVE-2013-3707

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 OES 2 Linux, and OES 11 Linux Gold and SP1, does not make the intended SSLfree and SSLshutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of...

4.3CVSS6.8AI score0.01582EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.7 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
Gitee
Gitee
added 2021/05/08 5:29 p.m.6 views

Exploit for CVE-2020-1938

It is an exploit module/toolkit targeting Apache Tomcat. The primary CVE ID is CVE-2020-1938, also known as CNVD-2020-10487. The vulnerability class is Local File Inclusion LFI. The probable entry point is the poc.py script, which is typically invoked by running python poc.py with the required...

9.8CVSS7.3AI score0.9927EPSS
Exploits45
RedHat Linux
RedHat Linux
added 2020/11/04 1:39 a.m.8 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
RedHat Linux
RedHat Linux
added 2020/07/01 10:57 a.m.5 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
RedHat Linux
RedHat Linux
added 2020/06/11 9:11 a.m.3 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.3 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/05/11 8:19 p.m.2 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/05/11 8:15 p.m.3 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
Prion
Prion
added 2020/04/28 3:15 p.m.36 views

Remote code execution

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a...

7.5CVSS9.6AI score0.9927EPSS
Exploits45References5Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/28 12:0 a.m.13 views

PT-2020-2761 · Red Hat · Undertow

Name of the Vulnerable Software and Affected Versions: Undertow versions 2.0.29.Final and before Description: A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009. This issue allows a remote, unauthenticated attacker to read web...

9.8CVSS8.5AI score0.9927EPSS
Exploits45References18
Debian CVE
Debian CVE
added 2020/04/28 12:0 a.m.34 views

CVE-2020-1745

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a...

9.8CVSS7AI score0.04837EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/04/21 11:7 a.m.5 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
RedHat Linux
RedHat Linux
added 2020/04/21 10:55 a.m.6 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
RedHat Linux
RedHat Linux
added 2020/04/14 9:22 p.m.5 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

9.8CVSS7.5AI score0.9927EPSS
Exploits45References11
RedhatCVE
RedhatCVE
added 2020/04/14 7:14 p.m.32 views

CVE-2018-10865

It has been discovered that redhat-certification does not perform an authorization check and allows an unauthenticated user to call a "restart" RPC method on any host accessible by the system. An attacker could use this flaw to send requests to port 8009 of any host or to keep restarting the...

7.5CVSS3AI score0.01034EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/03/24 11:31 a.m.4 views

undertow: AJP File Read/Inclusion Vulnerability

A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances...

9.8CVSS7.2AI score0.04837EPSS
Exploits0References7
Veracode
Veracode
added 2020/03/13 12:44 a.m.33 views

Directory Traversal

undertow is vulnerable to directory traversal attacks. The vulnerability exists due to input validation error in AJP connector. A remote attacker can send a specially crafted HTTP request to port 8009/tcp and read arbitrary files on the system...

9.8CVSS5.3AI score0.9927EPSS
Exploits45References9Affected Software84
Rows per page
Query Builder