Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
resin vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2438
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant ...
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
5
CVSSv2
CVE-2001-0399
Caucho Resin 1.3b1 and previous versions allows remote malicious users to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
Caucho Technology Resin 1.3
Caucho Technology Resin 1.2
1 EDB exploit
5
CVSSv2
CVE-2000-1224
Caucho Technology Resin 1.2 and possibly earlier allows remote malicious users to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and...
Caucho Technology Resin 1.1.5
Caucho Technology Resin 1.2
1 EDB exploit
5
CVSSv2
CVE-2002-2090
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote malicious users to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.1.1
7.8
CVSSv2
CVE-2006-1953
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote malicious users to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
Caucho Technology Resin 3.0.17
Caucho Technology Resin 3.0.18
5
CVSSv2
CVE-2006-2437
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to obtain the source code for file under the web root via the file parameter.
Caucho Technology Resin 3.0.18
Caucho Technology Resin 3.0.17
1 EDB exploit
4.3
CVSSv2
CVE-2008-2462
Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin prior to 3.0.25, and 3.1.x prior to 3.1.4, allows remote malicious users to inject arbitrary web script or HTML via the file parameter.
Caucho Resin
5
CVSSv2
CVE-2021-44138
There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote malicious users to read files in arbitrary directories via a ; in a pathname within an HTTP request.
Caucho Resin
5
CVSSv2
CVE-2004-0281
Caucho Technology Resin 2.1.12 allows remote malicious users to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.
Caucho Resin 2.1.12
1 EDB exploit
9.4
CVSSv2
CVE-2007-2439
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.
Caucho Technology Resin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »