CVE-2025-32103

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions...

Scriptcase 路径遍历漏洞

Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A path traversal vulnerability exists in Scriptcase version 9.4.019 that stems from improper parameter handling and allows an unauthenticated remote user to bypass SecurityManager's expected restrictions and...

tomcat: system property disclosure

It was discovered that when a SecurityManager was configured, Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible...

[SECURITY] [DLA 232-1] tomcat6 security update

Package : tomcat6 Version : 6.0.41-2+squeeze7 CVE ID : CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 Debian Bug : 787010 785312 785316 The following vulnerabilities were found in Apache Tomcat 6: CVE-2014-0227 The Tomcat security team identified that it was possible to conduct HTTP request smuggling...