Page 5 of 41 results (0.004 seconds)
CVSS: 6.8EPSS: 93%CPEs: 1EXPL: 5
CVSS: 6.8EPSS: 93%CPEs: 1EXPL: 5CVE-2012-0394 – Apache Struts - Developer Mode OGNL Execution
https://notcve.org/view.php?id=CVE-2012-0394
08 Jan 2012 — The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself. ** CUESTIONADA ** El componente DebuggingInterceptor en Apache Struts antes de la versión v2.3.1.1, cuando se usa el modo desarrollador (developer), permite ejecutar comandos de su elección a atacantes remotos a través de vectores no especificados. N... • https://packetstorm.news/files/id/125020 • CWE-94: Improper Control of Generation of Code ('Code Injection') •