Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Nuclei
Nucleiadded 5 days ago60 views

Apache Struts <2.3.1.1 - Remote Code Execution

Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used in the DebuggingInterceptor component, a remote attacker can execute arbitrary OGNL commands via unspecified vectors, which can allow for execution of malware, obtaining sensitive information,...

6.8CVSS9.3AI score0.74405EPSS
Exploits9References5
Tenable Nessus
Tenable Nessusadded 2024/09/24 12:0 a.m.30 views

Apache Struts 2.0.0 < 2.3.18 RCE (S2-008)

The version of Apache Struts installed on the remote host is prior to 2.3.18. It is, therefore, affected by a vulnerability as referenced in the S2-008 advisory. - The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute...

6.8CVSS8.6AI score0.74405EPSS
Exploits9References2
F5 Networks
F5 Networksadded 2023/02/21 7:50 p.m.51 views

K25570584: Apache Struts vulnerability CVE-2012-0394

Security Advisory Description DISPUTED The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability...

6.8CVSS9.1AI score0.74405EPSS
Exploits9
Metasploit
Metasploitadded 2014/01/26 12:17 a.m.29 views

Apache Struts 2 Developer Mode OGNL Execution

This module exploits a remote command execution vulnerability in Apache Struts 2. The problem exists on applications running in developer mode, where the DebuggingInterceptor allows evaluation and execution of OGNL expressions, which allows remote attackers to execute arbitrary Java code. This...

6.8CVSS7.8AI score0.74405EPSS
Exploits9
canvas
canvasadded 2012/01/08 3:55 p.m.83 views

Immunity Canvas: STRUTSCODEINJECTION

Name| strutsCodeInjection ---|--- CVE| CVE-2012-0394 Exploit Pack| CANVAS Description| Struts Code Injector Notes| CVE Name: CVE-2012-0394 VENDOR: Apache Notes: CVE-2012-0394 - Struts = 2.2.1.1 ExceptionDelegator When an exception occurs while applying parameter values to properties, the value is...

6.8CVSS2AI score0.91079EPSS
Exploits30
CVE
CVEadded 2012/01/08 3:0 p.m.193 views

CVE-2012-0394

CVE-2012-0394 affects Apache Struts 2.x, specifically the DebuggingInterceptor component when Developer Mode is enabled. The IBM security bulletin consolidates multiple Struts CVEs and states that the vulnerable code related to CVE-2012-0394 is not in use in Order Management, lowering risk; the a...

6.8CVSS9.2AI score0.74405EPSS
Exploits9References7Affected Software1
Circl
Circladded 2012/01/06 12:0 a.m.19 views

CVE-2012-0394

creationtimestamp| type| source ---|---|--- 2012-01-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18329 2014-02-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31434 2018-05-29 15:50:33+00:00| seen|...

6.8CVSS8.4AI score0.74405EPSS
Exploits9References4
Rows per page
Query Builder