漏洞描述
Xstream API存在远程命令注入漏洞,此漏洞是对用户输入的xml数据缺乏校验导致的。
Xstream API CVE-2013-7285 远程命令注入漏洞
PoC代码
暂无相关漏洞推荐
-
CVE-2013-7285: XStream <1.4.6/1.4.10 - Remote Code Execution POC
2025-08-01 | XStreamXstream API before 1.4.6 and 1.4.10 is susceptible to remote code execution. If the security framewo... -
CVE-2020-26217: XStream <1.4.14 - Remote Code Execution POC
2025-08-01 | XStreamXStream before 1.4.14 is susceptible to remote code execution. An attacker can run arbitrary shell c... -
CVE-2020-26258: XStream <1.4.15 - Server-Side Request Forgery POC
2025-08-01 | XStreamXStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data fr... -
CVE-2013-1965: Apache Struts2 S2-012 RCE POC
2025-09-01 | Apache Struts2Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote ... -
CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016) POC
2025-09-01 | Apache Struts 2In Struts 2 before 2.3.15.1 the information following "action:", "redirect:", or...