2 matches found
tomcat: password disclosure vulnerability
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file...
JEECMS后台任意文件编辑漏洞and官方漏洞及拿shell
简要描述: JEECMS后台任意文件编辑漏洞以及官方的demo站、官方服务器安全问题 详细说明: 2.x后台: login/Jeecms.do 3.x后台: jeeadmin/jeecms/index.do 默认账户:admin 默认密码:password 获取tomcat密码: /jeeadmin/jeecms/template/vedit.do?root=../../conf/&name=../../conf/tomcat-users.xml 获取JDBC数据库账号密码:...