192 matches found
ClassLoader manipulation vulnerability
We have fixed a vulnerability in our fork of Apache Struts. Attackers can use this vulnerability to execute Java code of their choice on systems that use these frameworks. The attacker needs to be able to access the Crowd web interface. In cases when anonymous access is enabled, a valid user...
CVE-2013-0127
IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and...
Code injection
IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and...
CVE-2013-0127
IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and...
CVE-2013-0127
The CVE-2013-0127 entry applies to IBM Notes (Lotus Notes) 8.x prior to 8.5.3 FP4 Interim Fix 1 and 9.0 prior to Interim Fix 1, where HTML emails could contain APPLET elements that are not blocked. The underlying issue allows remote attackers to bypass Java execution restrictions and X-Confirm-Re...
Sybase Adaptive Server Enterprise (ASE)多个安全漏洞
BUGTRAQ ID: 57206 Sybase Adaptive Server Enterprise是关系型数据库管理系统。 Sybase Adaptive Server Enterprise ASE在实现上存在多个安全漏洞,本地用户可利用这些漏洞泄露敏感信息、提升权限、绕过安全限制、控制受影响系统、执行SQL注入攻击、操作某些数据、造成拒绝服务。 1、在创建代理表时存在错误,可被利用绕过某些安全限制。 2、通过Sybase Central的ASE插件创建表时存在错误,可被利用绕过某些安全限制。 3、某些输入没有正确过滤即被用在SQL查询中,通过注入任意SQL代码,可被利用操作SQL查...
Openfire Admin Console Authentication Bypass
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex/zip' class Metasploit3...
CVE-2012-1826
dotCMS 1.9 before 1.9.5.1 allows remote authenticated users to execute arbitrary Java code via a crafted 1 XSLT or 2 Velocity template...
Squiggle 1.7 SVG Browser Java Code Execution
Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Squiggle 1.7 SVG Browser Java Code Execution
This module abuses the SVG support to execute Java Code in the Squiggle Browser included in the Batik framework 1.7 through a crafted SVG file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: 1 It must support at least SVG version...
CVE-2012-0392
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...
Immunity Canvas: STRUTSCODEINJECTION
Name| strutsCodeInjection ---|--- CVE| CVE-2012-0394 Exploit Pack| CANVAS Description| Struts Code Injector Notes| CVE Name: CVE-2012-0394 VENDOR: Apache Notes: CVE-2012-0394 - Struts = 2.2.1.1 ExceptionDelegator When an exception occurs while applying parameter values to properties, the value is...
Security feature bypass
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...
CVE-2012-0392
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...
CVE-2012-0392
CVE-2012-0392 affects Apache Struts: CookieInterceptor does not enforce a parameter-name whitelist, enabling remote code execution via a crafted HTTP Cookie header that can trigger Java code execution through a static method. The Nuclei template confirms this as part of the S2-008 family, describ...
CVE-2012-0392
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...
VELOCITY local code execution vulnerability-vulnerability warning-the black bar safety net
by emptiness prodigal heart velocity is a J2EE MVC architecture the most commonly used presentation layer template file, due to the excellent performance, very much of the J2EE Application, use this template. Usually when in use, and other framework-binding, the most common framework is struts2,...
Apache Struts < 2.2.0 - Remote Command Execution (Metasploit)
$Id: strutscodeexec.rb 13586 2011-08-19 05:59:32Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Java RMI Server Insecure Default Configuration Java Code Execution
Exploit for multiple platform in category remote exploits $Id: javarmiserver.rb 13186 2011-07-15 20:44:08Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
Zend Server Java Bridge - Arbitrary Java Code Execution (Metasploit)
$Id: zendjavabridge.rb 12242 2011-04-05 01:08:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...