CVE-2014-0114 – Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution
https://notcve.org/view.php?id=CVE-2014-0114
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. Apache Commons BeanUtils, según se distribuye en lib/commons-beanutils-1.8.0.jar en Apache Struts 1.x hasta la versión 1.3.10 y en otros productos que requieren commons-beanutils hasta la versión 1.9.2, no suprime la propiedad class, lo que permite a atacantes remotos "manipular" el ClassLoader y ejecutar código arbitrario a través del parámetro class, según lo demostrado por el paso de este parámetro al método getClass del objeto ActionForm en Struts 1. OSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities. • https://www.exploit-db.com/exploits/41690 http://advisories.mageia.org/MGASA-2014-0219.html http://apache-ignite-developers.2346864.n4.nabble.com/CVE-2014-0114-Apache-Ignite-is-vulnerable-to-existing-CVE-2014-0114-td31205.html http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html http://marc.info/?l=bugtraq&m=140119284401582&w=2 http://marc.info/?l=bugtraq&m=140801096002766&w= • CWE-20: Improper Input Validation CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVE-2008-2025
https://notcve.org/view.php?id=CVE-2008-2025
Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." Vulnerabilidades de secuencias de comandos en sitios cruzados (XSS)en Apache Struts anteriores a v1.2.9-162.31.1 en SUSE Linux Enterprise (SLE) v11, anteriores a v1.2.9-108.2 en SUSE openSUSE v10.3, anteriores a v1.2.9-198.2 en SUSE openSUSE v11.0, y anteriores a v1.2.9-162.163.2 en SUSE openSUSE v11.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no específicos, relativo a "Citando la insuficiencia de parámetros." • http://download.opensuse.org/update/10.3-test/repodata/patch-struts-5872.xml http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://osvdb.org/53380 http://secunia.com/advisories/34567 http://secunia.com/advisories/34642 http://support.novell.com/security/cve/CVE-2008-2025.html https://bugzilla.novell.com/show_bug.cgi?id=385273 https://launchpad.net/bugs/cve/2008-2025 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-1546 – struts bypass validation
https://notcve.org/view.php?id=CVE-2006-1546
Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check. • http://issues.apache.org/bugzilla/show_bug.cgi?id=38374 http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html http://mail-archives.apache.org/mod_mbox/struts-dev/200601.mbox/%3cdr169r%24623%242%40sea.gmane.org%3e http://mail-archives.apache.org/mod_mbox/struts-user/200601.mbox/%3c20060121221800.15814.qmail%40web32607.mail.mud.yahoo.com%3e http://secunia.com/advisories/19493 http://secunia.com/advisories/20117 http://securitytracker.com/id?1015856 http://struts.ap •
CVE-2006-1548 – struts LookupDispatchAction XSS
https://notcve.org/view.php?id=CVE-2006-1548
Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message. • http://issues.apache.org/bugzilla/show_bug.cgi?id=38749 http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html http://secunia.com/advisories/19493 http://secunia.com/advisories/20117 http://securitytracker.com/id?1015856 http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html http://www.securityfocus.com/bid/17342 http://www.vupen.com/english/advisories/2006/1205 https://exchange.xforce.ibmcloud.com/vulnerabilities/25614 https://issues.apache.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2006-1547 – Apache Struts 1 ActionForm Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2006-1547
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils. ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS). • http://issues.apache.org/bugzilla/show_bug.cgi?id=38534 http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html http://secunia.com/advisories/19493 http://secunia.com/advisories/20117 http://securitytracker.com/id?1015856 http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html http://www.securityfocus.com/bid/17342 http://www.vupen.com/english/advisories/2006/1205 https://exchange.xforce.ibmcloud.com/vulnerabilities/25613 https://access.redhat.com •