| CVE-2013-2134 |
critical |
— |
10.0 |
|
|
|
13y ago |
Arbitrary code execution in Apache Struts 2 |
| CVE-2013-1966 |
critical |
— |
10.0 |
|
|
|
13y ago |
Arbitrary code execution in Apache Struts |
| CVE-2013-2115 |
high |
8.1 |
9.1 |
|
|
|
13y ago |
Code injection in Apache Struts |
| CVE-2012-0394 |
medium |
— |
7.8 |
|
|
|
15y ago |
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode |
| CVE-2012-0392 |
medium |
— |
7.8 |
|
|
|
15y ago |
Apache Struts's CookieInterceptor component does not use the parameter-name whitelist |
| CVE-2012-0393 |
medium |
— |
7.4 |
|
|
|
15y ago |
Apache Struts's ParameterInterceptor component does not prevent access to public constructors |
| CVE-2014-0094 |
medium |
— |
6.0 |
|
|
|
12y ago |
ClassLoader manipulation in Apache Struts |
| CVE-2012-0391 |
unknown |
— |
2.5 |
|
|
|
4y ago |
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution. |
