cve/CVE-2012-0391.md at 4024663e83c70ac127726b49919178f8121c5338

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.

POC

Reference

http://www.exploit-db.com/exploits/18329

Github

https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
https://github.com/SexyBeast233/SecBooks
https://github.com/TesterCC/exp_poc_library
https://github.com/woods-sega/woodswiki

935 B Raw Blame History

CVE-2012-0391

Description

POC

Reference

Github

935 B

Raw Blame History