Description
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by lovehacker · textremotemultiple
https://www.exploit-db.com/exploits/20722
References (2)
Core 2
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2533
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=98633597813833&w=2
Scores
EPSS
0.0503
EPSS Percentile
89.8%
Details
Status
published
Products (2)
caucho_technology/resin
1.2
caucho_technology/resin
1.3
Published
Jun 18, 2001
Tracked Since
Feb 18, 2026