Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caucho resin 2.1.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2003-1513
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 up to and including 2.1.2 allow remote malicious users to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe....
Caucho Technology Resin 2.1.1
Caucho Technology Resin 2.1.12
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
1 EDB exploit
5
CVSSv2
CVE-2002-1990
Resin 2.0.5 up to and including 2.1.2 allows remote malicious users to reveal physical path information via a URL request for the example Java class file HelloServlet.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
Caucho Technology Resin 2.1.1
5
CVSSv2
CVE-2002-2090
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote malicious users to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.1.1
7.5
CVSSv2
CVE-2012-2965
Caucho Quercus, as distributed in Resin prior to 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an "HTTP Parameter Contamination" issue.
Caucho Resin 4.0.6
Caucho Resin 4.0.12
Caucho Resin 4.0.2
Caucho Resin 4.0.21
Caucho Resin 4.0.13
Caucho Resin 4.0.15
Caucho Resin 4.0.20
Caucho Resin 3.1.12
Caucho Resin 3.1.10
Caucho Resin 3.1.8
Caucho Resin 3.0.13
Caucho Resin 3.0.11
Caucho Resin 3.0.20
Caucho Resin 3.0.19
Caucho Resin 3.0.4
Caucho Resin 2.1.12
Caucho Resin 2.1.8
Caucho Resin 2.1.10
Caucho Resin 2.1.5
Caucho Resin 2.0.3
Caucho Resin 2.1.1
Caucho Resin 4.0.10
7.5
CVSSv2
CVE-2012-2966
Caucho Quercus, as distributed in Resin prior to 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.
Caucho Resin 4.0.5
Caucho Resin 4.0.12
Caucho Resin 4.0.11
Caucho Resin 4.0.10
Caucho Resin 4.0.27
Caucho Resin 4.0.13
Caucho Resin 4.0.14
Caucho Resin 4.0.15
Caucho Resin 4.0.16
Caucho Resin 3.1.10
Caucho Resin 3.1.7
Caucho Resin 3.1.8
Caucho Resin 3.0.1
Caucho Resin 3.0.18
Caucho Resin 3.0.19
Caucho Resin 3.1.1
Caucho Resin 3.1.0
Caucho Resin 2.1.8
Caucho Resin 2.1.7
Caucho Resin 2.1.10
Caucho Resin 2.1.9
Caucho Resin 2.1.1
7.5
CVSSv2
CVE-2012-2967
Caucho Quercus, as distributed in Resin prior to 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors.
Caucho Resin
Caucho Resin 4.0.8
Caucho Resin 4.0.22
Caucho Resin 4.0.23
Caucho Resin 4.0.24
Caucho Resin 4.0.25
Caucho Resin 3.1.5
Caucho Resin 3.1.6
Caucho Resin 3.0.2
Caucho Resin 3.1.4
Caucho Resin 3.0.11
Caucho Resin 3.0.16
Caucho Resin 3.0.17
Caucho Resin 3.0.14
Caucho Resin 3.0.15
Caucho Resin 2.1.13
Caucho Resin 2.1.snap
Caucho Resin 2.1.11
Caucho Resin 2.1.16
Caucho Resin 2.0.5
Caucho Resin 2.0.0
Caucho Resin 2.0.2
5
CVSSv2
CVE-2012-2968
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin prior to 4.0.29, allows remote malicious users to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.
Caucho Resin 4.0.4
Caucho Resin 4.0.3
Caucho Resin 4.0.2
Caucho Resin 4.0.1
Caucho Resin 4.0.18
Caucho Resin 4.0.19
Caucho Resin 4.0.20
Caucho Resin 3.1.13
Caucho Resin 3.0.6
Caucho Resin 3.0.7
Caucho Resin 3.0.12
Caucho Resin 3.0.13
Caucho Resin 3.1.2
Caucho Resin 3.0.5
Caucho Resin 3.0.4
Caucho Resin 3.0.3
Caucho Resin 2.1.3
Caucho Resin 2.1.6
Caucho Resin 2.1.5
Caucho Resin 2.0.4
Caucho Resin 2.0.3
Caucho Resin 4.0.11
6.4
CVSSv2
CVE-2012-2969
Caucho Quercus, as distributed in Resin prior to 4.0.29, allows remote malicious users to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.
Caucho Resin 4.0.5
Caucho Resin 4.0.12
Caucho Resin 4.0.11
Caucho Resin 4.0.10
Caucho Resin 4.0.13
Caucho Resin 4.0.14
Caucho Resin 4.0.15
Caucho Resin 4.0.16
Caucho Resin 4.0.8
Caucho Resin 4.0.6
Caucho Resin 4.0.9
Caucho Resin 4.0.4
Caucho Resin 4.0.24
Caucho Resin 4.0.26
Caucho Resin 4.0.18
Caucho Resin 4.0.20
Caucho Resin 3.1.6
Caucho Resin 3.1.4
Caucho Resin 3.1.10
Caucho Resin 3.0.9
Caucho Resin 3.0.7
Caucho Resin 3.0.14
5
CVSSv2
CVE-2002-1989
Resin 2.1.1 allows remote malicious users to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
Caucho Technology Resin 2.1.1
5
CVSSv2
CVE-2002-1988
Resin 2.1.1 allows remote malicious users to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.
Caucho Technology Resin 2.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started