Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Caucho Technology Resin服务程序view_source.jsp远程文件泄露漏洞
Vulnerability Description
Resin是一款由Caucho Technology公司分发的WEB服务器程序,使用于Microsoft Windows操作系统下。 Resin WEB服务程序包含的样例脚本view_source.jsp对用户输入缺少过滤,远程攻击者可以利用此漏洞进行目录遍历攻击。 Resin WEB服务程序中存在样例脚本view_source.jsp,view_source.jsp脚本在解析包含'/../'字符的特殊请求进行了过滤,不过攻击者可以通过提交包含'\..\'字符的请求进行目录遍历攻击,这样可绕过chroot
CVSS Information
N/A
Vulnerability Type
N/A