| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-0112 | 7.5 |
ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability ex
|
12-08-2019 - 21:15 | 29-04-2014 - 10:37 | |
| CVE-2014-0094 | 5.0 |
The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.
|
12-08-2019 - 21:15 | 11-03-2014 - 13:00 | |
| CVE-2014-0113 | 7.5 |
CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a craf
|
12-08-2019 - 21:15 | 29-04-2014 - 10:37 |