Description

When Apache Tomcat is installed with a default configuration, several example files are also installed. These files may disclose sensitive information that could help a potential attacker.

Remediation

Remove these files from the server.

Related Vulnerabilities

PHP-CGI remote code execution

WordPress Plugin Aspose Importer & Exporter Arbitrary File Download (2.0)

Macromedia Dreamweaver remote database scripts

WordPress Plugin MAC PHOTO GALLERY 'albid' Parameter Arbitrary File Disclosure (2.8)

XML External Entity Injection via external file

Severity

Medium

Classification

CWE-538 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Test Files Information Disclosure