Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache struts 1.3.10 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-0899
The MultiPageValidator implementation in Apache Struts 1 1.1 up to and including 1.3.10 allows remote malicious users to bypass intended access restrictions via a modified page parameter.
Apache Struts 1.2.8
Apache Struts 1.3.5
Apache Struts 1.3.8
Apache Struts 1.1
Apache Struts 1.2.7
Apache Struts 1.2.6
Apache Struts 1.0
Apache Struts 1.0.2
Apache Struts 1.3.10
Apache Struts 1.2.4
Apache Struts 1.2.2
Apache Struts 1.2.9
1 Github repository
NA
CVE-2012-1007
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote malicious users to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) struts-cookbook/processSimple.do ...
Apache Struts 1.3.10
1 EDB exploit
8.2
CVSSv3
CVE-2016-1182
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 does not properly restrict the Validator configuration, which allows remote malicious users to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-20...
Apache Struts 1.2.8
Apache Struts 1.3.5
Apache Struts 1.3.8
Apache Struts 1.1
Apache Struts 1.2.7
Apache Struts 1.2.6
Apache Struts 1.0
Apache Struts 1.0.2
Apache Struts 1.3.10
Apache Struts 1.2.4
Apache Struts 1.2.2
Apache Struts 1.2.9
Apache Struts 1.0.1
Apache Struts 1.2.0
Apache Struts 1.2.1
Apache Struts 1.2.3
Apache Struts 1.2.5
Apache Struts 1.3.6
Apache Struts 1.3.7
Apache Struts 1.3.9
1 Github repository
8.1
CVSSv3
CVE-2016-1181
ActionServlet.java in Apache Struts 1 1.x up to and including 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote malicious users to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related...
Oracle Banking Platform 2.4.0
Oracle Portal 11.1.1.6
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.3.0
Apache Struts 1.2.8
Apache Struts 1.3.5
Apache Struts 1.3.8
Apache Struts 1.1
Apache Struts 1.2.7
Apache Struts 1.2.6
Apache Struts 1.0
Apache Struts 1.0.2
Apache Struts 1.3.10
Apache Struts 1.2.4
Apache Struts 1.2.2
Apache Struts 1.2.9
Apache Struts 1.0.1
Apache Struts 1.2.0
Apache Struts 1.2.1
Apache Struts 1.2.3
Apache Struts 1.2.5
1 Github repository
NA
CVE-2014-0094
The ParametersInterceptor in Apache Struts prior to 2.3.16.2 allows remote malicious users to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.
Apache Struts
2 EDB exploits
4 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started