Lucene search
PRIOn knowledge basePRION:CVE-2016-0793HistoryApr 01, 2016 - 7:59 p.m.
Design/Logic Flaw
2016-04-0119:59:00
PRIOn knowledge base
www.prio-n.com
3
Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or (b) “meaningless” characters.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jboss_wildfly_application_server | eq | 10.0.0 |
References
packetstormsecurity.com/files/136323/Wildfly-Filter-Restriction-Bypass-Information-Disclosure.html
bugzilla.redhat.com/show_bug.cgi?id=1305937
security.netapp.com/advisory/ntap-20180215-0001/
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03784en_us
www.exploit-db.com/exploits/39573/
Related
nvd
nvd
CVE-2016-0793
2016-04-01 19:59:00
cve
cve
CVE-2016-0793
2016-04-01 19:59:00
exploitpack
exploitpack
zdt
zdt
cvelist
cvelist
CVE-2016-0793
2016-04-01 19:00:00
exploitdb
exploitdb
openvas
openvas
'/../WEB-INF/' Information Disclosure Vulnerability (HTTP)
2022-08-03 00:00:00
'//WEB-INF/' Information Disclosure Vulnerability (HTTP)
2021-02-01 00:00:00
'/WEB-INF./' Information Disclosure Vulnerability (HTTP)
2005-11-03 00:00:00