Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache struts 1.2.9 vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2006-1547
ActionForm in Apache Software Foundation (ASF) Struts prior to 1.2.9 with BeanUtils 1.7 allows remote malicious users to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which prov...
Apache Struts 1.2.7
Apache Struts
1 Github repository
668
VMScore
CVE-2006-1546
Apache Software Foundation (ASF) Struts prior to 1.2.9 allows remote malicious users to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications ...
Apache Struts
1 Github repository
605
VMScore
CVE-2016-1181
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote malicious users to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related...
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Portal 11.1.1.6
Oracle Banking Platform 2.3.0
Oracle Banking Platform 2.4.0
Apache Struts 1.0
Apache Struts 1.1
Apache Struts 1.2.3
Apache Struts 1.2.4
Apache Struts 1.2.5
Apache Struts 1.3.7
Apache Struts 1.3.8
Apache Struts 1.0.2
Apache Struts 1.2.1
Apache Struts 1.2.2
Apache Struts 1.3.5
Apache Struts 1.3.6
Apache Struts 1.2.6
Apache Struts 1.2.7
Apache Struts 1.3.9
Apache Struts 1.3.10
Apache Struts 1.0.1
1 Github repository
570
VMScore
CVE-2016-1182
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 does not properly restrict the Validator configuration, which allows remote malicious users to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-20...
Apache Struts 1.0
Apache Struts 1.1
Apache Struts 1.2.5
Apache Struts 1.2.6
Apache Struts 1.3.9
Apache Struts 1.3.10
Apache Struts 1.0.2
Apache Struts 1.2.1
Apache Struts 1.2.2
Apache Struts 1.2.9
Apache Struts 1.3.5
Apache Struts 1.2.3
Apache Struts 1.2.4
Apache Struts 1.3.7
Apache Struts 1.3.8
Apache Struts 1.3.6
Apache Struts 1.0.1
Apache Struts 1.2.0
Apache Struts 1.2.7
Apache Struts 1.2.8
1 Github repository
445
VMScore
CVE-2015-0899
The MultiPageValidator implementation in Apache Struts 1 1.1 up to and including 1.3.10 allows remote malicious users to bypass intended access restrictions via a modified page parameter.
Apache Struts 1.3.10
Apache Struts 1.2.9
Apache Struts 1.1
Apache Struts 1.2.6
Apache Struts 1.2.4
Apache Struts 1.0.2
Apache Struts 1.0
Apache Struts 1.2.8
Apache Struts 1.2.7
Apache Struts 1.3.8
Apache Struts 1.3.5
Apache Struts 1.2.2
1 Github repository
383
VMScore
CVE-2008-2025
Cross-site scripting (XSS) vulnerability in Apache Struts prior to 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, prior to 1.2.9-108.2 on SUSE openSUSE 10.3, prior to 1.2.9-198.2 on SUSE openSUSE 11.0, and prior to 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote malicious ...
Apache Struts 1.1
Apache Struts 1.2.7
Apache Struts 1.2.8
Apache Struts 1.2.4
Apache Struts 1.0.2
383
VMScore
CVE-2006-1548
Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts prior to 1.2.9 allows remote malicious users to inject arbitrary web script or HTML via the parameter name, whi...
Apache Struts
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started