Resin Professional
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2032 | 0.03 | — | 0.03 | May 24, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username… | |||
| CVE-2007-2440 | 0.03 | — | 0.04 | May 16, 2007 | Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence. | |||
| CVE-2007-2439 | 0.00 | — | 0.02 | May 16, 2007 | Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension. |
- CVE-2010-2032May 24, 2010risk 0.03cvss —epss 0.03
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username…
- CVE-2007-2440May 16, 2007risk 0.03cvss —epss 0.04
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
- CVE-2007-2439May 16, 2007risk 0.00cvss —epss 0.02
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.