Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caucho technology resin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-2032
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote malicious users to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_usern...
Caucho Resin 3.1.10
Caucho Resin 3.1.5
Caucho Resin 4.0.6
1 EDB exploit
5
CVSSv2
CVE-2007-2440
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
Caucho Technology Resin
1 EDB exploit
5
CVSSv2
CVE-2007-2441
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.
Caucho Technology Resin
1 EDB exploit
9.4
CVSSv2
CVE-2007-2439
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.
Caucho Technology Resin
7.8
CVSSv2
CVE-2006-1953
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote malicious users to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
5
CVSSv2
CVE-2006-2437
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to obtain the source code for file under the web root via the file parameter.
Caucho Technology Resin 3.0.18
Caucho Technology Resin 3.0.17
1 EDB exploit
5
CVSSv2
CVE-2006-2438
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant ...
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
5
CVSSv2
CVE-2004-0281
Caucho Technology Resin 2.1.12 allows remote malicious users to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Caucho Resin 2.1.12
1 EDB exploit
5
CVSSv2
CVE-2004-0280
Caucho Technology Resin 2.1.12 allows remote malicious users to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.
Caucho Technology Resin 2.1.12
4.3
CVSSv2
CVE-2003-1513
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 up to and including 2.1.2 allow remote malicious users to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe....
Caucho Technology Resin 2.1.1
Caucho Technology Resin 2.1.12
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »