mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-13 03:02:49 +00:00
988 B
988 B
CVE-2016-0785
Description
Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation.
POC
Reference
No PoCs from references.
Github
- https://github.com/20142995/pocsuite3
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SexyBeast233/SecBooks
- https://github.com/brunsu/woodswiki
- https://github.com/forget-eve/Software-Security-and-Testing
- https://github.com/ice0bear14h/struts2scan
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/woods-sega/woodswiki