Lucene search
K

12 matches found

vulnersOsv
vulnersOsv
added 2022/05/04 12:29 a.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +80 more potentially affected by CVE-2012-0391 via org.apache.struts:struts2-core (>=2.0.5 <=2.2.3)

org.apache.struts:struts2-core MAVEN version =2.0.5, =1.2.1, =0.6, =3.0, =2.4.0, =2.1.0, =3.1.1 and more Source cves: CVE-2012-0391 Source advisory: OSV:GHSA-4WRR-9H5R-M92W...

9.8CVSS7.5AI score0.75071EPSS
Exploits11
VulnCheck KEV
VulnCheck KEV
added 2021/10/13 12:0 a.m.3 views

VulnCheck KEV: CVE-2012-0391

The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution...

9.8CVSS7.4AI score0.75071EPSS
Exploits11References1
Saint
Saint
added 2012/08/02 12:0 a.m.41 views

Apache Struts 2 ConversionErrorInterceptor Java Injection

Added: 08/02/2012 CVE: CVE-2012-0391 OSVDB: 78277 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem Struts uses...

9.8CVSS8.8AI score0.75071EPSS
Exploits11
Saint
Saint
added 2012/08/02 12:0 a.m.50 views

Apache Struts 2 ConversionErrorInterceptor Java Injection

Added: 08/02/2012 CVE: CVE-2012-0391 OSVDB: 78277 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem Struts uses...

9.8CVSS8.8AI score0.75071EPSS
Exploits11
Saint
Saint
added 2012/08/02 12:0 a.m.55 views

Apache Struts 2 ConversionErrorInterceptor Java Injection

Added: 08/02/2012 CVE: CVE-2012-0391 OSVDB: 78277 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Problem Struts uses...

9.3CVSS8.8AI score0.75071EPSS
Exploits11
Metasploit
Metasploit
added 2012/06/09 7:53 p.m.62 views

Apache Struts Remote Command Execution

This module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions 'Johannes Dahse', Vulnerability discovery and PoC 'Andreas...

9.8CVSS7.8AI score0.75071EPSS
Exploits11
Check Point Advisories
Check Point Advisories
added 2012/04/16 12:0 a.m.8 views

Apache Struts 2 ConversionErrorInterceptor OGNL Script Injection (CVE-2012-0391)

A script injection vulnerability has been reported in Apache Struts 2...

8.7AI score0.75071EPSS
Exploits11
d2
d2
added 2012/01/08 3:55 p.m.597 views

DSquare Exploit Pack: D2SEC_STRUTS2

Name| d2secstruts2 ---|--- CVE| CVE-2012-0391 Exploit Pack| D2ExploitPack Description| d2secstruts2 Notes|...

9.3CVSS1.7AI score0.75071EPSS
Exploits11
Vulnrichment
Vulnrichment
added 2012/01/08 3:0 p.m.14 views

CVE-2012-0391

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter...

9.6AI score0.75071EPSS
Exploits11References7
Cvelist
Cvelist
added 2012/01/08 3:0 p.m.38 views

CVE-2012-0391

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter...

9.5AI score0.75071EPSS
Exploits11References7
CVE
CVE
added 2012/01/08 3:0 p.m.1142 views

CVE-2012-0391

CVE-2012-0391 affects Apache Struts 2 before 2.2.3.1, where the ExceptionDelegator interprets parameter values as OGNL expressions during certain exception handling for mismatched data types, enabling remote code execution via a crafted parameter. Multiple sources (CVE entry, CISA KEV, GHSA advis...

9.8CVSS8.5AI score0.75071EPSS
In wildExploits11References8Affected Software1
Circl
Circl
added 2012/01/06 12:0 a.m.25 views

CVE-2012-0391

creationtimestamp| type| source ---|---|--- 2012-01-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18329 2012-06-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18984 2018-05-29 15:50:33+00:00| seen|...

9.8CVSS7.2AI score0.75071EPSS
Exploits11References7
Rows per page
Query Builder