• Apache Axis2 installation includes a JSP page accessible at axis2-web/HappyAxis.jsp that discloses at lot of sensitive information. An attacker could use this information to conduct further attacks.

• If you don't want this information to be publicly accessible you need to restrict access to the /axis2-web/ directory.

• • Apache Axis2 Web Administrator's Guide

• 

• CWE-200

• CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

• Information Disclosure

• WordPress Plugin Log Emails Information Disclosure (1.0.6)
• WordPress Plugin Stop User Enumeration User Enumeration (1.2.4)
• Joomla! Core 2.5.0 Information Disclosure (2.5.0 - 2.5.0)
• Tiki Wiki CMS: Remote Code Execution via Calendar Module
• Microsoft IIS Server service.cnf file found