Apache Tomcat 3.2.3/3.2.4 - 'Source.jsp' Information Disclosure
Author: Richard Brain
type: remote
platform: multiple
port:
date_added: 2002-05-29
date_updated: 2017-07-11
verified: 1
codes: CVE-2002-2007;OSVDB-13304
tags:
aliases:
screenshot_url:
application_url:
source: https://www.securityfocus.com/bid/4876/info
Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation.
Under some circumstances, Tomcat may disclose sensitive information about the web server configuration. When the source.jsp page is passed a malformed request, it may leak information, which may include the web root directory and possibly a directory listing.
http://example.com:80/examples/jsp/source.jsp??
http://example.com:80/examples/jsp/source.jsp?/jsp/
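
Added example, not part of the original advisory: a log check that flags requests to source.jsp whose query string has the shape of the two requests above (a bare `?`, or a path ending in `/`). The Common Log Format input, the sample log lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Request and status fields of a Common Log Format line (assumed log format).
REQUEST_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def is_suspicious_source_jsp(target):
    """True if the request target hits source.jsp with a query string shaped
    like the two requests listed in the advisory."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/source.jsp"):
        return False
    query = unquote(parts.query)
    # "source.jsp??" leaves a query of "?"; "source.jsp?/jsp/" names a
    # directory rather than a file.
    return query.startswith("?") or query.endswith("/")

def scan(lines):
    """Return (client, target, status) for every flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_suspicious_source_jsp(m.group("target")):
            client = line.split()[0]
            hits.append((client, m.group("target"), int(m.group("status"))))
    return hits

# Constructed sample input (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [29/May/2002:10:00:01 +0000] '
    '"GET /examples/jsp/source.jsp?? HTTP/1.0" 200 512',
    '192.0.2.10 - - [29/May/2002:10:00:05 +0000] '
    '"GET /examples/jsp/source.jsp?/jsp/ HTTP/1.0" 200 734',
    '198.51.100.7 - - [29/May/2002:10:01:00 +0000] '
    '"GET /examples/jsp/source.jsp?/jsp/dates/date.txt HTTP/1.0" 200 301',
    '198.51.100.7 - - [29/May/2002:10:02:00 +0000] '
    '"GET /index.html HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for client, target, status in scan(SAMPLE_LOG):
        print(f"{client} requested {target} (HTTP {status})")
```

A 200 status on a flagged line is worth following up, since it indicates the page answered the request; removing the bundled examples web application from production servers takes source.jsp out of reach entirely.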