6 matches found
SUSE CVE-2013-2135
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "$" and "%" sequences, which causes the OGNL code to be evaluated twice...
Atlassian Bamboo Code Execution / Argument Injection Vulnerabilities
Exploit for php platform in category web applications Atlassian Bamboo Code Execution / Argument Injection Vulnerabilities CVE ID: CVE-2017-14589. CVE-2017-14590. Product: Bamboo. Affected Bamboo product versions: version = 6.2.0 but less than 6.2.5 the fixed version for 6.2.x please upgrade your...
OGNL Double Evaluation Vulnerability
We have discovered and fixed a vulnerability in our fork of WebWork. Attackers can use this vulnerability to execute Java code of their choice on systems that use this framework. The attacker needs to be able to access the Crucible web interface. All versions of Crucible up to and including 3.6.1...
OGNL Double Evaluation Vulnerability
We have discovered and fixed a vulnerability in our fork of WebWork. Attackers can use this vulnerability to execute Java code of their choice on systems that use this framework. The attacker needs to be able to access the Crucible web interface. All versions of Crucible up to and including 3.6.1...
OGNL Double Evaluation Vulnerability
We have discovered and fixed a vulnerability in our fork of WebWork. Attackers can use this vulnerability to execute Java code of their choice on systems that use this framework. The attacker needs to be able to access the FishEye web interface. All versions of FishEye up to and including 3.6.1 a...
OGNL Double Evaluation Vulnerability
We have discovered and fixed a vulnerability in our fork of WebWork. Attackers can use this vulnerability to execute Java code of their choice on systems that use this framework. The attacker needs to be able to access the FishEye web interface. All versions of FishEye up to and including 3.6.1 a...