Description
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Remediation
References
Related Vulnerabilities
WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)
Microsoft SQL Server Improper Input Validation Vulnerability (CVE-2001-0509)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1507)
WordPress Plugin CP Image Store with Slideshow Arbitrary File Download (1.0.5)