3 matches found
br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2), info.kfgodel:bean2bean (>=1.1.5 <=1.1.6) +27 more potentially affected by CVE-2008-6504 via com.opensymphony:xwork (>=2.1.0 <=2.1.1)
com.opensymphony:xwork MAVEN version =2.1.0, =1.2.1, =1.1.5, =1.1.6 - net.sf.fastupload:fastupload-core =0.4.7 - org.apache.struts:struts2-apps =2.1.2 - org.apache.struts:struts2-blank =2.1.2 - org.apache.struts:struts2-codebehind-plugin =2.1.2 - org.apache.struts:struts2-config-browser-plugin...
CVE-2008-6504
CVE-2008-6504 affects OpenSymphony XWork (ParameterInterceptor) used in Apache Struts: OGNL refs to # context objects are not properly restricted, enabling remote OGNL evaluation and modification of server-side objects. Affected: XWork 2.0.x prior to 2.0.6 and 2.1.x prior to 2.1.2; vulnerability ...
CVE-2008-6504
creationtimestamp| type| source ---|---|--- 2008-11-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32564 2025-02-18 15:34:33+00:00| seen| https://gist.github.com/jpmartins-ca/4200d476e327a22a046f19199e252871...