Lucene search
K

96 matches found

CNVD
CNVD
added 2016/07/08 12:0 a.m.2 views

Apache struts2 devMode Remote Code Execution Vulnerability

Apache Struts is the United States Apache Apache Software Foundation is responsible for maintaining an open source project , is a set of open source MVC framework for creating enterprise-class Java Web applications . Apache struts2 devMode remote code execution vulnerability , the vulnerability i...

8.5AI score
Exploits0
myhack58
myhack58
added 2016/06/27 12:0 a.m.23 views

WVSS and RSAS to help you quickly detect Apache Struts2 remote code execution vulnerability S2-0 3 7-vulnerability warning-the black bar safety net

Apache Struts2 using the REST plugin the cases, the attacker uses REST calls malicious expression can be remote code execution. The vulnerability number CVE-2 0 1 6-4 4 3 8, Set Name, S2-0 3 to 7. The vulnerability and S2-0 3 3 vulnerability to trigger the process is basically the same, are in th...

2.6AI score
Exploits0
seebug.org
seebug.org
added 2016/06/21 12:0 a.m.13 views

Apache Struts2 security vulnerability S2-041)

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/06/16 12:0 a.m.6 views

Apache Struts2 Remote Code Execution Vulnerability (CNVD-2016-04040)

Apache Struts is an open source framework for creating enterprise Java Web applications. A remote code execution vulnerability exists in Struts2, which can be exploited by an attacker to remotely execute arbitrary code by calling a malicious expression using a REST plugin...

9.8CVSS9.8AI score0.17171EPSS
Exploits2References1
CNVD
CNVD
added 2016/06/03 12:0 a.m.8 views

Apache Struts2 Remote Code Execution Vulnerability (CNVD-2016-03754 )

Apache Struts is an open source framework for creating enterprise Java Web applications. A remote code execution vulnerability exists in Struts2, which can be exploited by an attacker to remotely execute code using a REST plugin to invoke a malicious expression with dynamic methods enabled...

9.8CVSS9.8AI score0.81087EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2016/06/01 12:0 a.m.19 views

Default Apache Struts2 Web Applications Detection (HTTP)

HTTP based detection of Default Apache Struts2 Web Applications. The functionality of this VT has been merged into the VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.3AI score
Exploits0
Huawei
Huawei
added 2016/05/27 12:0 a.m.42 views

Security Advisory - Apache Struts2 Remote Code Execution Vulnerability in Huawei Products

Apache Struts2 released a remote code execution vulnerability in S2-032 on the official website,when Dynamic Method Invocation DMI is enabled, an exploit could allow the attacker to cause remote code execution.Vulnerability ID: HWPSIRT-2016-04052 This vulnerability has been assigned a Common...

9.3CVSS8.2AI score0.9373EPSS
Exploits12Affected Software16
canvas
canvas
added 2016/04/26 2:59 p.m.611 views

Immunity Canvas: STRUTS2_DMI_RCE

Name| struts2dmirce ---|--- CVE| CVE-2016-3081 Exploit Pack| CANVAS Description| struts2dmirce Notes| CVE Name: CVE-2016-3081 VENDOR: Apache NOTES: The JAR Server will listen on the port provided in the UI. However, if that port is unavailable, a random one will be chosen. Example vulnerable...

9.3CVSS8AI score0.9373EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2014/07/07 12:0 a.m.51 views

VMware vCenter Operations Management Suite Multiple Vulnerabilities (VMSA-2014-0007)

The version of vCenter Operations Manager installed on the remote host is prior to 5.8.2. It is, therefore, affected by the following vulnerabilities : - An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploa...

7.5CVSS7.2AI score0.99614EPSS
Exploits15References7
Huawei
Huawei
added 2014/07/07 12:0 a.m.94 views

Security Advisory-Apache Struts2 vulnerability on Huawei multiple products

Some versions of Apache Struts2 software used in Huawei devices have security vulnerabilities. A patch released for the software to fix vulnerabilities CVE-2014-0050 and CVE-2014-0094 has the risk of being bypassed. Vulnerability ID: HWPSIRT-2014-0420 This Vulnerability has been assigned Common...

7.5CVSS2.2AI score0.99614EPSS
Exploits15Affected Software12
myhack58
myhack58
added 2014/04/29 12:0 a.m.11 views

In those years, those Apache Struts2 vulnerability-vulnerability warning-the black bar safety net

Each Apache Struts2 vulnerabilities the outbreak of the on the Internet set off a Reign of terror, we have compiled in recent years Apache Struts2 high-risk vulnerabilities in the information for your reference. For the Apache Struts2 vulnerability, nsfocus has provided an online checking tool to...

1.4AI score
Exploits0
CERT
CERT
added 2014/04/25 12:0 a.m.86 views

Apache Struts2 ClassLoader allows access to class properties via request parameters

Overview Apache Struts2 2.3.16.1 and earlier contain a vulnerability where the ClassLoader allows access to class properties via request parameters Description Apache Struts2 2.3.16.1 and earlier contain a vulnerability where the ClassLoader allows access to class properties via request parameter...

5CVSS8.6AI score0.99614EPSS
Exploits7References2
Dsquare
Dsquare
added 2014/02/08 12:0 a.m.83 views

Apache-Struts2 DevMode RCE

Apache-Struts2 DevMode RCE Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

0.6AI score
Exploits0
OpenVAS
OpenVAS
added 2014/01/15 12:0 a.m.50 views

Apache Archiva <= 1.3.6 Multiple RCE Vulnerabilities - Active Check

Apache Archiva is prone to multiple remote command execution RCE vulnerabilities in Apache Struts2. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

9.8CVSS9.3AI score0.99998EPSS
Exploits18References4
Exploit DB
Exploit DB
added 2014/01/14 12:0 a.m.74 views

Apache Struts2 2.0.0 &lt; 2.3.15 - Prefixed Parameters OGNL Injection

CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-016...

9.8CVSS9AI score0.99998EPSS
Exploits18
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.47 views

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was...

9.3CVSS0.4AI score0.99998EPSS
Exploits20
Huawei
Huawei
added 2013/07/30 12:0 a.m.124 views

Security Advisory-Multiple Apache Struts2 Vulnerabilities in Huawei Products

Apache Struts2 is a second-generation and enterprise-ready Java web application framework based on the Model-View-Controller MVC architecture. This advisory describes four vulnerabilities of Apache Struts 2.0.0 - 2.3.15. Huawei products and applications using the above versions of Apache Struts a...

9.8CVSS9.3AI score0.99998EPSS
Exploits32Affected Software26
OpenVAS
OpenVAS
added 2013/07/24 12:0 a.m.193 views

Apache Struts2 Redirection and Security Bypass Vulnerabilities

This host is running Apache Struts2 and is prone to redirection and security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbapachestruts2multredirectvuln.nasl 8373 2018-01-11 10:29:41Z cfischer $ Apache Struts2 Redirection and Security Bypass Vulnerabilities Authors: Thanga Prakash S...

9.3CVSS0.5AI score0.99998EPSS
Exploits20References5
OpenVAS
OpenVAS
added 2013/07/23 12:0 a.m.69 views

Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities

This host is running Apache Struts2 and is prone to arbitrary java method execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbapachestruts2javamethodexecvuln.nasl 8373 2018-01-11 10:29:41Z cfischer $ Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities...

9.3CVSS0.8AI score0.72778EPSS
Exploits11References5
seebug.org
seebug.org
added 2013/07/17 12:0 a.m.127 views

Apache Struts2 多个前缀参数远程命令执行漏洞(CVE-2013-2251)

CVE-2013-2251 Struts2 是第二代基于Model-View-Controller MVC模型的java企业级web应用框架。它是WebWork和Struts社区合并后的产物 Apache Struts2的action:、redirect:和redirectAction:前缀参数在实现其功能的过程中使用了Ognl表达式,并将用户通过URL提交的内容拼接入Ognl表达式中,从而造成攻击者可以通过构造恶意URL来执行任意Java代码,进而可执行任意命令 redirect:和redirectAction:此两项前缀为Struts默认开启功能,目前Struts...

9.3CVSS1AI score0.99998EPSS
Exploits18
Rows per page
Query Builder