10 matches found
Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family (CVE-2013-2251, CVE-2013-2248 CVE-2013-2135, CVE-2013-2134, CVE-2013-2115, CVE-2013-1966 and CVE-2013-1965)
Summary Security Bulletin: Unauthorized access exposure on IBM SAN Volume Controller and Storwize Family CVE-2013-2251 CVE-2013-2248 CVE-2013-2135 CVE-2013-2134 CVE-2013-2115 CVE-2013-1966 CVE-2013-1965 Vulnerability Details Security Bulletin --- Summary --- Administrative access to the system vi...
be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +133 more potentially affected by CVE-2013-2134 via org.apache.struts:struts2-core (>=2.0.11 <=2.3.14.2)
org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.2.0, =1.0.3, =0.6, =3.0, =5.0.1 - com.google.inject.extensions:guice-struts2-plugin =2.0 - com.google.inject.integration:guice-struts2-plugin =1.0 - com.googlecode.rapid-framework:rapid-core =4.0 and more Source cves:...
Apache Struts Security Update (S2-012, S2-015) - Version Check
The remote host is missing a security update for Apache Struts announced via the referenced advisories. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Apache Struts Wildcard Matching OGNL Code Execution (CVE-2013-2134)
A code execution vulnerability exists in Apache Struts OGNL...
Security Advisory-Multiple Apache Struts2 Vulnerabilities in Huawei Products
Apache Struts2 is a second-generation and enterprise-ready Java web application framework based on the Model-View-Controller MVC architecture. This advisory describes four vulnerabilities of Apache Struts 2.0.0 - 2.3.15. Huawei products and applications using the above versions of Apache Struts a...
CVE-2013-2134
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135...
CVE-2013-2134
CVE-2013-2134: Apache Struts 2 before 2.3.14.3 allows remote OGNL code execution through a crafted action name during wildcard matching. IBM and other bulletins link this family of Struts vulnerabilities to exposed management interfaces and unauthorized access risks, with remediation typically de...
Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution
The remote web application appears to use Struts 2, a web framework that utilizes OGNL Object-Graph Navigation Language as an expression language. Due to a flaw in the evaluation of an OGNL expression, a remote, unauthenticated attacker can exploit this issue to execute arbitrary commands on the...
Apache Struts OGNL表达式注入漏洞(CVE-2013-2134)
BUGTRAQ ID: 60346 CVECAN ID: CVE-2013-2134 Struts2 是第二代基于Model-View-Controller MVC模型的java企业级web应用框架。它是WebWork和Struts社区合并后的产物。 Apache Struts 2.0.0-2.3.14.3存在远程OGNL表达式注入漏洞,远程攻击者可利用此漏洞操作服务器端对象并在受影响应用上下文中执行任意命令。此漏洞源于通配符匹配错误。 0 Apache Group Struts 2.x 厂商补丁: Apache Group ------------ Apache...
CVE-2013-2134
creationtimestamp| type| source ---|---|--- 2013-06-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38549 2025-10-14 21:02:26+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m36mtqkjmy2n...