CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-2032

Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to inject arbitrary web script or HTML via the (1) digest_realm or (2) digest_username parameters. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.8%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/1005-exploits/cauchoresin312-xss.txt
http://secunia.com/advisories/39839
http://www.securityfocus.com/archive/1/511341/100/0/threaded
http://www.securityfocus.com/bid/40251
http://www.vupen.com/english/advisories/2010/1201
https://exchange.xforce.ibmcloud.com/vulnerabilities/58733
http://packetstormsecurity.org/1005-exploits/cauchoresin312-xss.txt
http://secunia.com/advisories/39839
http://www.securityfocus.com/archive/1/511341/100/0/threaded
http://www.securityfocus.com/bid/40251
http://www.vupen.com/english/advisories/2010/1201
https://exchange.xforce.ibmcloud.com/vulnerabilities/58733

Products affected by CVE-2010-2032

Caucho » Resin » Version: 3.1.10

cpe:2.3:a:caucho:resin:3.1.10
Caucho » Resin » Version: 3.1.5

cpe:2.3:a:caucho:resin:3.1.5
Caucho » Resin » Version: 4.0.6

cpe:2.3:a:caucho:resin:4.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2032

Products

Pricing

Contact Us