Home/Product/caucho technology resin
Product

caucho technology resin

27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2021-44138
>= 4.0.52 and <= 4.0.56
There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attacke
7.5HIGH
 CVE-2014-2966
<= 4.0.39
The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers
 CVE-2012-2969
<= 4.0.28
Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensi
 CVE-2012-2968
<= 4.0.28
Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create file
 CVE-2012-2967
<= 4.0.28
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for c
 CVE-2012-2966
<= 4.0.28
Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST par
 CVE-2012-2965
<= 4.0.28
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables,
 CVE-2010-2032
all versions
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.1
 CVE-2008-2462
< 3.0.25
Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1
 CVE-2007-2441
<= 3.1.0
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path v
 CVE-2007-2440
<= 3.1.0
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote
 CVE-2007-2439
<= 3.1.0
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of servic
 CVE-2006-2438
all versions
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0
 CVE-2006-2437
all versions
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain
 CVE-2006-1953
all versions
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files vi
 CVE-2004-0281
all versions
Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ direct
 CVE-2004-0280
all versions
Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20"
 CVE-2003-1513
all versions
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote a
 CVE-2002-2090
all versions
Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device
 CVE-2002-1990
all versions
Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class
 CVE-2002-1989
all versions
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests con
 CVE-2002-1988
all versions
Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for n
 CVE-2002-1987
all versions
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (b
 CVE-2001-0828
<= 1.2.4
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a
 CVE-2001-0399
all versions
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-I
 CVE-2001-0304
all versions
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a
 CVE-2000-1224
all versions
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file wit
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh