Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache sling vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-0956
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote malicious users to obtain sensitive information via unspecified vectors.
Apache Sling
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.0.0
Adobe Experience Manager 5.6.1
1 EDB exploit
3 Github repositories
NA
CVE-2012-2138
The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle prior to 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote malicious users to cause a denial of service (infinite loop) via a ...
Apache Org.apache.sling.servlets.post
1 EDB exploit
NA
CVE-2013-2254
The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows ...
Apache Org.apache.sling.servlets.post 2.3.0
Apache Org.apache.sling.servlets.post 2.2.0
6.1
CVSSv3
CVE-2017-11296
An issue exists in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.
Adobe Experience Manager 6.0.0
Adobe Experience Manager 6.3.0
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3