CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-06-03 12:58:02 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6cd0d0806c9bf647d01eb3deca931ca47bebcbc7
CVEs-PoC/2017/CVE-2017-12616.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

36 lines
1.5 KiB
Markdown
Raw Blame History

### [CVE-2017-12616](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12616)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Tomcat&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.0.0%20to%207.0.80%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brightgreen)
### Description
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CrackerCat/myhktools
- https://github.com/GhostTroops/myhktools
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/brunsu/woodswiki
- https://github.com/do0dl3/myhktools
- https://github.com/dusbot/cpe2cve
- https://github.com/hktalent/myhktools
- https://github.com/iqrok/myhktools
- https://github.com/r0eXpeR/redteam_vul
- https://github.com/safe6Sec/PentestNote
- https://github.com/superfish9/pt
- https://github.com/touchmycrazyredhat/myhktools
- https://github.com/trganda/dockerv
- https://github.com/trhacknon/myhktools
- https://github.com/woods-sega/woodswiki
- https://github.com/xiaokp7/Tomcat_PUT_GUI_EXP
Reference in New Issue View Git Blame Copy Permalink