CVE-2013-4212

Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subcla...

Apache Roller - OGNL Injection (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Apache Roller OGNL Injection', 'Description' = %q This module exploits an OGNL injection vulnerability in Apache Roller 'Unknown', Fr...

Apache Roller OGNL Injection Vulnerability

This Metasploit module exploits an OGNL injection vulnerability in Apache Roller 'Apache Roller OGNL Injection', 'Description' = %q This module exploits an OGNL injection vulnerability in Apache Roller 'Unknown', From coverity.com / Vulnerability discovery 'juan vazquez' Metasploit module ,...

Apache Roller OGNL Injection

This module exploits an OGNL injection vulnerability in Apache Roller 'Apache Roller OGNL Injection', 'Description' = %q This module exploits an OGNL injection vulnerability in Apache Roller 'Unknown', From coverity.com / Vulnerability discovery 'juan vazquez' Metasploit module , 'License' =...