VYPR

Quercus

by Caucho Technology

CVEs (2)

  • CVE-2012-2969Aug 12, 2012
    risk 0.00cvss epss 0.04

    Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP request.

  • CVE-2012-2968Aug 12, 2012
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. (dot dot) in a pathname within an HTTP request.