Description
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
Remediation
References
Related Vulnerabilities
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15735)
WordPress Plugin Ultimate Maps by Supsystic SQL Injection (1.1.12)
Apache HTTP Server Incorrect Authorization Vulnerability (CVE-2014-8109)
MySQL CVE-2013-1552 Vulnerability (CVE-2013-1552)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-7724)