This tool exploits an LFI vulnerability within Apache Tomcat named CVE-2020-1938 to not only view sensitive files, but also to run malicious JSP payloads.

It can be downloaded here (you will need to run it from the command line)

Usage:

ghostcat [target] [HTTP port] [AJP port] [file] [read/eval]