1083 matches found
CVE-2020-7142
A eventinfocontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
CVE-2020-7171
A guidatadetail expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
CVE-2020-24650
A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...
Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
SploitGPT An autonomous AI penetration testing agent that con...
CVE-2019-16469
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure...
Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
🔴 ExploitDB RAG A RAG Retrieval Augmented Generation system...
SUSE CVE-2025-68156
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...
Linux Distros Unpatched Vulnerability : CVE-2025-68156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean,...
📄 Ivanti Endpoint Manager Mobile 12.5.0.0 Expression Language Injection
Ivanti Endpoint Manager Mobile version 12.5.0.0 proof of concept exploit with a vulnerability chain that allows unauthenticated attackers to execute arbitrary commands on the target system through Java Expression Language EL injection in the /mifs/rs/api/v2/featureusage endpoint...
CVE-2025-68156
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including flatten, min, max, mean, and median, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation...
📄 Commvault CLI 11.36.60 Remote Code Execution
Proof of concept exploit for the Commvault CLI version 11.36.60 remote code execution vulnerability. ============================================================================================================================================= | Title : Commvault CLI 11.36.60 RCE PHP Implementatio...
Exploit for Expression Language Injection in Redhat Richfaces
Simplest and most reliable RichFaces Paint2DResource CVE-2018-12...
Expression Language Injection
Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection. The vulnerability is due to unsafe SpEL evaluation in routes due to the actuator gateway endpoint being exposed and accessible to untrusted users; attackers can create routes that use SpEL to read environment...
Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Penetration Testing & Vulnerability Research Cheatsheet 🛡️ !...
CVE-2025-41253
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
EUVD-2025-34761
Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection...
Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
GHSA-FWXX-WV44-7QFG Spring Cloud Gateway Server Webflux is vulnerable to Expression Language Injection
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
CVE-2025-41253
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...
CVE-2025-41253 Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server...