WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2007-5461)

Description

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

Remediation

References

Related Vulnerabilities

Joomla! Core 3.9.x Cross-Site Request Forgery (3.9.0 - 3.9.22)

MySQL CVE-2019-2694 Vulnerability (CVE-2019-2694)

WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.0)

Envoy Proxy Use After Free Vulnerability (CVE-2023-35942)

TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743)

Severity

Low

Classification

CVE-2007-5461 CWE-22

Tags

Missing Update Known Vulnerabilities