2 matches found
tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...
The vulnerability of the SAP NetWeaver Java Application Server, a software integration platform of SAP NetWeaver, allows attackers to inject arbitrary code into the web pages that are uploaded.
The vulnerability of SAP NetWeaver Java Application Server, a software integration platform of SAP NetWeaver, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the loaded web pages...