Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cocoon vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2003-1172
Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote malicious users to access arbitrary files via a .. (dot dot) in the filename parameter.
Apache Cocoon 2.1.2
Apache Cocoon 2.2
Apache Cocoon 2.1
1 EDB exploit
5
CVSSv2
CVE-2020-11991
When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system.
Apache Cocoon
NA
CVE-2022-45135
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 prior to 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.
Apache Cocoon
NA
CVE-2023-49733
Improper Restriction of XML External Entity Reference vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 prior to 2.3.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.
Apache Cocoon
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started