Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
dsquareDsquare SecurityE-348
HistoryDec 10, 2013 - 12:00 a.m.

Apache Roller OGNL Injection

2013-12-1000:00:00
Dsquare Security
30

0.96 High

EPSS

Percentile

99.5%

JSON

This module exploits an OGNL injection vulnerability in Apache Roller < 5.0.2. The vulnerability is due to an OGNL injection on the UIAction controller because of an insecure usage of the ActionSupport.getText method.

Vulnerability Type: Remote Command Execution

For the exploit source code contact DSquare Security sales team.

Related

zdt 1
nvd 1
cve 1
d2 1
packetstorm 1
checkpoint_advisories 1
prion 1
cvelist 1
openvas 1
zdt
zdt
Apache Roller OGNL Injection Vulnerability
2013-11-26 00:00:00
nvd
nvd
CVE-2013-4212
2013-12-07 20:55:02
cve
cve
CVE-2013-4212
2013-12-07 20:55:02
d2
d2
DSquare Exploit Pack: D2SEC_APACHE_ROLLER
2013-12-07 20:55:00
packetstorm
packetstorm
Apache Roller OGNL Injection
2013-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
2013-12-11 00:00:00
prion
prion
Design/Logic Flaw
2013-12-07 20:55:00
cvelist
cvelist
CVE-2013-4212
2013-12-07 20:00:00
openvas
openvas
Apache Roller < 5.0.2 Multiple Vulnerabilities
2017-11-27 00:00:00

0.96 High

EPSS

Percentile

99.5%

JSON
Related for E-348
zdt1nvd1cve1d21packetstorm1checkpoint_advisories1prion1cvelist1openvas1