Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
resin vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2007-2440
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
Caucho Technology Resin
1 EDB exploit
505
VMScore
CVE-2007-2441
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and previous versions for Windows allows remote malicious users to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.
Caucho Technology Resin
1 EDB exploit
505
VMScore
CVE-2001-0304
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote malicious users to read arbitrary files via a "\.." (dot dot) in a URL request.
Caucho Technology Resin 1.2.2
1 EDB exploit
445
VMScore
CVE-2004-0280
Caucho Technology Resin 2.1.12 allows remote malicious users to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.
Caucho Technology Resin 2.1.12
445
VMScore
CVE-2002-1987
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote malicious users to read arbitrary files via a "\.." (backslash dot dot).
Caucho Technology Resin 2.1.2
445
VMScore
CVE-2002-1989
Resin 2.1.1 allows remote malicious users to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
Caucho Technology Resin 2.1.1
445
VMScore
CVE-2002-1988
Resin 2.1.1 allows remote malicious users to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources.
Caucho Technology Resin 2.1.1
NA
CVE-2006-19531
Rapid7 Security Advisory - The Caucho Resin web application server for Windows contains a directory traversal vulnerability that allows remote unauthenticated users to download any file from the system. It is possible to download files from any drive on the system. Versions 3.0.1...
383
VMScore
CVE-2010-2087
Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote malicious users to conduct cross-site scripting (XSS) attacks or execute arbitrary Expressio...
Oracle Mojarra 1.2 14
Oracle Mojarra 2.0.2
668
VMScore
CVE-2019-10104
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote malicious user to execute code when the configuration is running, because a JMX server listened on all ...
Jetbrains Intellij Idea
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »