mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
1.1 KiB
1.1 KiB
CVE-2012-0838
Description
Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field.
POC
Reference
No PoCs from references.
Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/brunsu/woodswiki
- https://github.com/ice0bear14h/struts2scan
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/woods-sega/woodswiki