Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote malicious users to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant path disclosure when the parameter is invalid.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
caucho technology resin 3.0.17 |
||
caucho technology resin 3.0.18 |