CVE-2016-0710

Published: 11/04/2016 Updated: 07/11/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed prior to 2.3.1 allow remote malicious users to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.

Vulnerable Product

apache jetspeed

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Exploit::Remote
  Rank = ManualRanking

  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::FileDropper

  def initialize(info = {})
    super(update_info(info, ...

This Metasploit module exploits the unsecured User Manager REST API and a ZIP file path traversal in Apache Jetspeed-2, versions 2.3.0 and unknown earlier versions, to upload and execute a shell. Note: this exploit will create, use, and then delete a new admin user. Warning: in testing, exploiting the file upload clobbered the web interface beyond ...