SUSE CVE-2015-5345

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing /...

terracotta-lfidownload.txt

Its been awhile since I've posted something, so lets get to the goods. Terracotta is a an open source CMS from http://sourceforge.net/projects/terracotta/ First up, we have Full path disclosure vulnerabilities in the GET'd variable 'File'. Specify something other than whats in the list and we get...