Description
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
Remediation
References
Related Vulnerabilities
WordPress Plugin 1-click Retweet/Share/Like Cross-Site Scripting (5.2)
WordPress Plugin Yes-co ORES Cross-Site Scripting (1.3.44)
WordPress Plugin Eyes Only:User Access Shortcode Cross-Site Scripting (1.8.2)
OpenSSL Excessive Iteration Vulnerability (CVE-2023-3817)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2335)