Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache cocoon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1172
Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote malicious users to access arbitrary files via a .. (dot dot) in the filename parameter.
Apache Cocoon 2.1.2
Apache Cocoon 2.2
Apache Cocoon 2.1
1 EDB exploit
9.8
CVSSv3
CVE-2022-45135
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 prior to 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.
Apache Cocoon
7.5
CVSSv3
CVE-2020-11991
When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system.
Apache Cocoon
9.8
CVSSv3
CVE-2023-49733
Improper Restriction of XML External Entity Reference vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 prior to 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.
Apache Cocoon
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started