Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sling vulnerabilities and exploits
(subscribe to this query)
786
VMScore
CVE-2016-0956
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote malicious users to obtain sensitive information via unspecified vectors.
Apache Sling
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.0.0
Adobe Experience Manager 5.6.1
1 EDB exploit
3 Github repositories
505
VMScore
CVE-2012-2138
The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle prior to 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a descendant node, which allows remote malicious users to cause a denial of service (infinite loop) via a ...
Apache Org.apache.sling.servlets.post
1 EDB exploit
383
VMScore
CVE-2018-4876
Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.1.0
Adobe Experience Manager 6.3.0
1 Article
383
VMScore
CVE-2017-11296
An issue exists in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experience Manager.
Adobe Experience Manager 6.0.0
Adobe Experience Manager 6.3.0
Adobe Experience Manager 6.2.0
Adobe Experience Manager 6.1.0
445
VMScore
CVE-2013-2254
The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that returned when the session does not have permissions to the root node, which allows ...
Apache Org.apache.sling.servlets.post 2.3.0
Apache Org.apache.sling.servlets.post 2.2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3