Lucene search

K

6 matches found

CVE
CVE
added 2012/01/08 3:55 p.m.1104 views

CVE-2012-0391

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.

9.8CVSS8.5AI score0.90877EPSS
In wildWeb
CVE
CVE
added 2006/03/30 10:2 p.m.1080 views

CVE-2006-1547

ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elem...

7.8CVSS7.2AI score0.13582EPSS
In wild
CVE
CVE
added 2020/12/16 1:15 a.m.314 views

CVE-2020-26259

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executing ...

6.8CVSS7.5AI score0.91436EPSS
CVE
CVE
added 2020/12/16 1:15 a.m.287 views

CVE-2020-26258

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly availa...

7.7CVSS8.1AI score0.9368EPSS
CVE
CVE
added 2023/06/14 8:15 a.m.105 views

CVE-2023-34396

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater

7.5CVSS5.7AI score0.00115EPSS
CVE
CVE
added 2023/06/14 8:15 a.m.75 views

CVE-2023-34149

Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. Upgrade to Struts 2.5.31 or 6.1.2.1 or greater.

6.5CVSS5.4AI score0.00062EPSS