Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
resin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0399
Caucho Resin 1.3b1 and previous versions allows remote malicious users to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
Caucho Technology Resin 1.3
Caucho Technology Resin 1.2
1 EDB exploit
NA
CVE-2006-2437
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to obtain the source code for file under the web root via the file parameter.
Caucho Technology Resin 3.0.18
Caucho Technology Resin 3.0.17
1 EDB exploit
NA
CVE-2002-2090
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote malicious users to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.1.1
NA
CVE-2006-2438
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant ...
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
NA
CVE-2006-1953
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote malicious users to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
NA
CVE-2000-1224
Caucho Technology Resin 1.2 and possibly earlier allows remote malicious users to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and...
Caucho Technology Resin 1.1.5
Caucho Technology Resin 1.2
1 EDB exploit
NA
CVE-2008-2462
Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin prior to 3.0.25, and 3.1.x prior to 3.1.4, allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Caucho Resin
7.5
CVSSv3
CVE-2021-44138
There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote malicious users to read files in arbitrary directories via a ; in a pathname within an HTTP request.
Caucho Resin
NA
CVE-2007-2439
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.
Caucho Technology Resin
NA
CVE-2007-2440
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
Caucho Technology Resin
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »