struts vulnerabilities and exploits
4.3
CVSSv2
CVE-2008-2025
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to...
Apache Struts 1.0.2
Apache Struts 1.1
Apache Struts 1.2.4
Apache Struts 1.2.7
Apache Struts 1.2.8
5
CVSSv2
CVE-2008-6504
ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language...
Opensymphony Xwork 2.0.0
Opensymphony Xwork 2.0.1
Opensymphony Xwork 2.0.2
Opensymphony Xwork 2.0.3
Opensymphony Xwork 2.0.4
Opensymphony Xwork 2.0.5
Opensymphony Xwork 2.1.0
Opensymphony Xwork 2.1.1
Apache Struts 2.0.0
Apache Struts 2.0.2
Apache Struts 2.0.3
Apache Struts 2.0.4
Apache Struts 2.0.5
Apache Struts 2.0.6
Apache Struts 2.0.7
Apache Struts 2.0.8
Apache Struts 2.0.9
Apache Struts 2.0.11
Apache Struts 2.0.11.1
Apache Struts 2.0.11.2
1 EDB exploit available
4.3
CVSSv2
CVE-2012-1006
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastName parameter to struts2-showcase/person/editPerson.action, or the (3) clientName parameter to...
Apache Struts 2.0.14
Apache Struts 2.2.3
1 EDB exploit available
7.8
CVSSv2
CVE-2006-1547
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides...
Apache Struts 1.2.7
Apache Struts
1 Github repository available
4.3
CVSSv2
CVE-2015-5169
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20....
Apache Struts
4.3
CVSSv2
CVE-2006-1548
Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is...
Apache Struts
9.3
CVSSv2
CVE-2013-2115
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966....
Apache Struts
1 EDB exploit available
1 Metasploit module available
1 Github repository available
5
CVSSv2
CVE-2014-0094
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method....
Apache Struts
2 EDB exploits available
1 Metasploit module available
5 Github repositories available
1 Article available
7.5
CVSSv2
CVE-2014-0112
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an...
Apache Struts
2 EDB exploits available
1 Metasploit module available
3 Github repositories available
1 Article available
7.5
CVSSv2
CVE-2020-17530
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software: Apache Struts 2.0.0 - Struts 2.5.25....
Apache Struts
14 Github repositories available