Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164: A critical security vulnerability, identified...

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts

CVE-2024-53677 A kind old vulnerability that effect Apache...

PT-2025-35497

CVE-2025-6992 - Apache Struts Command Evaluation Remote Code Execution CVE ID : CVE-2025-6992 Published : Aug. 30, 2025, 11:15 p.m. | 1 hour, 34 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

PoC: Apache Struts2 CVE-2017-5638 Safe Educational Demo...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via EditInfoItemStrutsAction accessible through c/portal/editinfoitem. An attacker can redirect users to arbitrary external sites by crafting a malicious URL. Remediation Upgrade com.liferay:com.liferay.info.impl to versio...

PT-2025-34692 · Undefined · Undefined

CVE-2025-58039 - Apache Struts Remote Code Execution CVE ID : CVE-2025-58039 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-34651 · Undefined · Undefined

CVE-2025-58038 - Apache Struts Command Injection CVE ID : CVE-2025-58038 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-34585 · Undefined · Undefined

CVE-2025-22861 - Apache Struts Command Injection CVE ID : CVE-2025-22861 Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-34551 · Undefined · Undefined

CVE-2023-4143 - Apache Struts Remote Code Execution Vulnerability CVE ID : CVE-2023-4143 Published : Aug. 21, 2025, 11:15 p.m. | 1 hour ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details,...

PT-2025-34530 · Undefined · Undefined

CVE-2025-57824 - "Apache Struts Deserialization Vulnerability" CVE ID : CVE-2025-57824 Published : Aug. 21, 2025, 4:15 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

PT-2025-33614 · Undefined · Undefined

CVE-2025-55724 - Apache Struts Remote Code Execution CVE ID : CVE-2025-55724 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-33612 · Undefined · Undefined

CVE-2025-55722 - Apache Struts Cross-Site Scripting XSS CVE ID : CVE-2025-55722 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Improper Output Neutralization For Logs

org.apache.struts, struts-extras is vulnerable to Improper Output Neutralization for Logs. The vulnerability is due to LookupDispatchAction printing untrusted input to logs without filtering, which allows an attacker to craft input that injects misleading log entries, potentially confusing human ...

PT-2025-33454 · Undefined · Undefined

CVE-2025-8395 - "CVE-xxxx: Apache Struts SQL Injection Vulnerability" CVE ID : CVE-2025-8395 Published : Aug. 12, 2025, 11:15 p.m. | 3 hours, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link f...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

pocsuite3 Legal Disclaimer Usage of pocsuite3 for attacking targets without prior mutual consent is illegal. pocsuite3 is for security testing purposes only 法律免责声明 未经事先双方同意，使用 pocsuite3 攻击目标是非法的。 pocsuite3 仅用于安全测试目的 Overview pocsuite3 is an open-sourced remote vulnerability testing and...

PT-2025-32433 · Undefined · Undefined

CVE-2023-3194 - CVE-2022-1234: Apache Struts Remote Code Execution CVE ID : CVE-2023-3194 Published : Aug. 6, 2025, 11:15 p.m. | 3 hours, 21 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for...

Exploit for CVE-2025-54253

🔥 CVE-2025-54253 — Critical RCE Vulnerability in Adobe AEM For...

PT-2025-32116 · Undefined · Undefined

CVE-2025-54797 - Apache Struts Remote Code Execution CVE ID : CVE-2025-54797 Published : Aug. 5, 2025, 12:15 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: This CVE is a duplicate of CVE-2025-52464. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

CVE-2025-54656

UNSUPPORTED WHEN ASSIGNED Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts Extras: before 2. When using LookupDispatchAction, in some cases, Struts may print untrusted input to the logs without any filtering. Specially-crafted input may lead...

PT-2025-31770 · Undefined · Undefined

CVE-2025-54841 - Apache Struts SQL Injection CVE ID : CVE-2025-54841 Published : Aug. 1, 2025, 4:16 a.m. | 4 hours, 3 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...