- The WEB-INF/web.xml Deployment Descriptor file describes how to deploy a web application in a servlet container such as Tomcat. Normally, this file should not be accessible. However, Acunetix WS was able to read the contents of this file by using various encodings and directory traversal variants.
- Restrict access to this file.
- Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.23)
- WordPress Pingback Source URI Denial of Service and Information Disclosure Vulnerabilities (0.6.2 - 2.1.3)
- WordPress Plugin Grand Flagallery-Photo Gallery Information Disclosure (4.24)
- Joomla! Core 3.x.x Information Disclosure (3.1.0 - 3.8.7)
- Unprotected phpMyAdmin interface