Lucene search

81 matches found

Nuclei
added last week | 136 views

Apache Struts 2 - Remote Command Execution

Apache Struts 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is susceptible to remote command injection attacks. The Jakarta Multipart parser has incorrect exception handling and error-message generation during file upload attempts, which can allow an attacker to execute arbitrary commands via a...

10 CVSS | 7.8 AI score | 0.99999 EPSS
Exploits 44 | References 5

GithubExploit
added 2026/02/20 1:22 a.m. | 243 views

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

Apache Struts2 S2-045 RCE CVE-2017-5638 📌 Overview This...

10 CVSS | 6.1 AI score | 0.99999 EPSS
Exploits 44

GithubExploit
added 2026/01/04 1:08 p.m. | 164 views

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

SSP ASSIGNEMENT 3 : CVE poc Exploitation of CVE-2017-5638...

10 CVSS | 9.2 AI score | 0.99999 EPSS
Exploits 44

Tenable Nessus
added 2024/12/11 12:00 a.m. | 19 views

Oracle Siebel CRM (April 2017 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2017 CPU advisory. - Vulnerability in the Siebel Apps - E-Billing component of Oracle Siebel CRM subcomponent: Security Struts 2. Supported versions that are affected are 6.1,...

10 CVSS | 8.5 AI score | 0.99999 EPSS
Exploits 44 | References 2

GithubExploit
added 2024/09/04 7:59 p.m. | 184 views

Exploit for Cross-Site Request Forgery (CSRF) in Concretecms Concrete_Cms

CVE-2017-5638 Apache Struts 2 RCE Proof of Concept This repos...

10 CVSS | 9.8 AI score | 0.99999 EPSS
Exploits 44

Openbugbounty
added 2023/06/14 8:09 p.m. | 19 views

ksakosher.org Cross Site Scripting vulnerability OBB-3430658

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1 AI score
Exploits 0

IBM Security Bulletins
added 2023/03/29 1:48 a.m. | 136 views

Security Bulletin: Vulnerability in Apache Struts affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-5638)

Summary A vulnerability in the Apache Struts component affects the Service Assistant GUI of SAN Volume Controller, Storwize family and FlashSystem V9000 products allowing arbitrary code execution. The Command Line Interface is unaffected. Vulnerability Details CVEID: CVE-2017-5638 DESCRIPTION:...

10 CVSS | 9.9 AI score | 0.99999 EPSS
Exploits 44 | Affected Software 6

F5 Networks
added 2023/02/21 7:53 p.m. | 1069 views

K43451236: Apache Struts 2 vulnerability CVE-2017-5638

Security Advisory Description The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted...

10 CVSS | 9.3 AI score | 0.99999 EPSS
Exploits 44

IBM Security Bulletins
added 2023/02/18 1:45 a.m. | 156 views

Security Bulletin: A vulnerability in Apache Struts affects the IBM FlashSystem models 840 and 900

Summary There is a vulnerability in Apache Struts to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 is susceptible. An exploit of this vulnerability CVE-2017-5638 could allow a remote attacker to execute arbitrary code on the system Vulnerability Details CVEID: CVE-2017-5638 DESCRIPTION:...

10 CVSS | 9.9 AI score | 0.99999 EPSS
Exploits 44 | Affected Software 1

OpenVAS
added 2021/04/06 12:00 a.m. | 41 views

Apache Struts Security Update (S2-045, S2-046) - Version Check

Apache Struts is prone to multiple remote code execution (RCE) vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits 44 | References 6

Tenable Nessus
added 2020/10/20 12:00 a.m. | 527 views

Selligent Message Studio Struts Code Execution (CVE-2017-5638)

Binary data selligentmessagestudiorce.nbin...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits 44 | References 3

Openbugbounty
added 2020/06/25 9:37 a.m. | 14 views

handymantravels.co.in Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1206455 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...

6.2 AI score
Exploits 0

OpenVAS
added 2020/06/05 12:00 a.m. | 97 views

Huawei Data Communication: Apache Struts2 RCE Vulnerability in Huawei Products (huawei-sa-20170316-01-struts2)

Apache Struts2 released a remote code execution (RCE) vulnerability in S2-045 on the official website. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright ...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits 44 | References 3

Openbugbounty
added 2020/04/23 12:15 a.m. | 11 views

tableau-13-369-d04-vip.ucl.ac.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1149143 Security Researcher OakdaleHutch Helped patch 26 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting tableau-13-369-d04-vip.ucl.ac.uk website and its...

0.2 AI score
Exploits 0

Openbugbounty
added 2020/01/13 9:59 p.m. | 16 views

f3c.cfdt.fr Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1067369 Security Researcher Track2 Helped patch 214 vulnerabilities Received 2 Coordinated Disclosure badges Received 1 recommendations , a holder of 2 badges for responsible and coordinated disclosure, found a security vulnerability affecting f3c.cfdt.fr website and its...

0.2 AI score
Exploits 0

Openbugbounty
added 2019/11/12 7:26 p.m. | 11 views

davidfryling.org Cross Site Scripting vulnerability

Security Researcher g0bl1nsec Helped patch 3712 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting davidfryling.org website and its users. Following...

0.1 AI score
Exploits 0

Openbugbounty
added 2019/09/15 5:58 p.m. | 19 views

navigates.gates.com Cross Site Scripting vulnerability

Security Researcher KhanJanny Helped patch 2643 vulnerabilities Received 9 Coordinated Disclosure badges Received 38 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting navigates.gates.com website and its users. Following...

Exploits 0

myhack58
added 2019/03/30 12:00 a.m. | 3640 views

Apache Struts OGNL injection vulnerability principle with an example-vulnerability warning-the black bar safety net

Through this article, we mainly learn how OGNL injection works in Apache Struts. Our examples cover two critical Struts vulnerabilities: CVE-2017-5638 (Equifax information disclosure) and CVE-2018-11776. Apache Struts is a free open source framework for creating modern...

10 CVSS | 0.2 AI score | 0.99999 EPSS
Exploits 82

vulnersOsv
added 2018/10/18 7:24 p.m. | 8 views

cc.fozone.struts2:StreamResultX (=1.2), com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (>=1.5.3 <=2.4.0) +183 more potentially affected by CVE-2017-5638 via org.apache.struts:struts2-core (>=2.3.1 <=2.3.31)

org.apache.struts:struts2-core MAVEN version =2.3.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.0.0, =2.0, =1.2.2, =1.4.1, =1.5.5, =1.7.4 and more Source cves: CVE-2017-5638 Source advisory: OSV:GHSA-J77Q-2QQG-6989...

10 CVSS | 7.3 AI score | 0.99999 EPSS
Exploits 44

ThreatPost
added 2018/09/10 2:23 p.m. | 448 views

Mirai, Gafgyt Botnets Return to Target Infamous Apache Struts, SonicWall Flaws

Researchers have discovered new variants for the infamous Mirai and Gafgyt IoT botnets – now targeting well-known vulnerabilities in Apache Struts and SonicWall. The new Mirai strain targets the Apache Struts flaw associated with the 2017 Equifax breach, while the Gafgyt variant uses a...

10 CVSS | 0.5 AI score | 0.99999 EPSS
Exploits 98 | References 12