Description
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Remediation
References
Related Vulnerabilities
Grafana Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-10452)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2749)
WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1)
WordPress Plugin Flamingo Code Injection (1.1)
Oracle Database Server CVE-2006-5332 Vulnerability (CVE-2006-5332)