WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Tomcat Other Vulnerability (CVE-2010-3718)

Description

Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.

Remediation

References

Related Vulnerabilities

WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.0)

WordPress Plugin AppPresser-Mobile App Framework Security Bypass (4.3.2)

WebLogic CVE-2020-14750 Vulnerability (CVE-2020-14750)

PHP Other Vulnerability (CVE-2015-6832)

WordPress Plugin Support Ticket System By Phoeniixx Unspecified Vulnerability (2.7)

Severity

Low

Classification

CVE-2010-3718

Tags

Missing Update Known Vulnerabilities