漏洞描述
【漏洞对象】Apache Struts 2 【涉及版本】2.3-2.3.34,2.5-2.5.16 【漏洞描述】软件存在输入验证漏洞,远程攻击者可利用该漏洞在受影响应用程序的上下文中执行任意代码或造成拒绝服务。
Apache Struts2-输入验证漏洞(S2-057)(CVE-2018-11776)
PoC代码
暂无相关漏洞推荐
-
CVE-2007-4556: OpenSymphony XWork/Apache Struts2 - Remote Code Execution S2-001 POC
2025-09-01 | OpenSymphony XWork Apache Struts2Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork a... -
CVE-2012-0392: Apache Struts2 S2-008 RCE POC
2025-09-01 | Apache Struts2The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whit... -
CVE-2013-1965: Apache Struts2 S2-012 RCE POC
2025-09-01 | Apache Struts2Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote ... -
CVE-2018-1000600: Pre-auth Fully-responded SSRF POC
2025-09-01 | Pre-authA exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier... -
CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC
2025-09-01 | JenkinsA code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...