The DefaultActionMapper class in Apache Struts 2 supports a method for short-circuit navigation state changes by prefixing parameters like "redirect:" or "redirect-action:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework.
This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows direct manipulation of the ClassLoader; as a result, an attacker can execute arbitrary Java code on the target machine.
This module exploits an off-by-one error in the LDAP scheme handling in the Rewrite module (mod_rewrite) in Apache and installs an agent on the target host.
After successful exploitation an agent will be installed. Apache is usually run as the user nobody, or some other low-privileged user. After exploitation, the agent will be running as this user.
After successful exploitation an agent will be installed. Apache is usually run as the user nobody, or some other low-privileged user. After exploitation, the agent will be running as this user. Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to TCP port 4000.
A stack overflow in ALLMediaServer can be triggered by supplying a malformed network request.
This module exploits a remote .JSP code injection in Adobe RoboHelp Server by sending a specially crafted HTTP request to the affected service.
The ColdFusion admin console is vulnerable to multiple directory traversal attacks related to the locale parameter, allowing the attacker to upload an agent and execute it. The agent may have SYSTEM privileges if ColdFusion is installed as a service on Windows.
The /CFIDE/adminapi/customtags/l10n.cfm page in Adobe ColdFusion is prone to a Local File Inclusion vulnerability because it does not properly validate its attributes.file parameter. This can be abused by a remote unauthenticated attacker to execute arbitrary code on vulnerable servers. The agent may have SYSTEM privileges if ColdFusion is installed as a service on Windows.