PT-2026-20869

Name of the Vulnerable Software and Affected Versions Hyland Alfresco affected versions not specified Description An unauthenticated attacker can read arbitrary files from protected directories, such as WEB-INF, by accessing the /share/page/resource/ API endpoint. This can lead to the disclosure ...

CVE-2023-37525

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals...

CVE-2023-37525

CVE-2023-37525 affects HCL BigFix Compliance. The connected sources describe a sensitive information disclosure that lets a remote attacker access files under the WEB-INF directory, potentially exposing Java class files and configuration information and leading to unauthorized access to applicati...

EUVD-2023-41412

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals...

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE

A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If...

EUVD-2002-1840

Malware in sbrugna...

EUVD-2002-1836

Malware in sbrugna...

EUVD-2020-23785

Malware in sbrugna...

EUVD-2002-1835

Malware in sbrugna...

EUVD-2002-1837

Malware in sbrugna...

EUVD-2002-1838

Malware in sbrugna...

EUVD-2001-0179

Malware in sbrugna...

EUVD-2002-1834

Malware in sbrugna...

EUVD-2002-1839

Malware in sbrugna...

EUVD-2020-21819

Malware in sbrugna...

EUVD-2021-30819

Malicious code in bioql PyPI...

CVE-2002-1861

Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

CVE-2002-1860

Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

CVE-2002-1858

Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...