Back to directory
WRITEUP #5775

Apache Struts double evaluation RCE lottery

RCEDouble OGNL evaluation
by@mmolgtm(Man Yue Mo)
Program
Apache Struts
Published
Oct 4, 2018
Added to HackDex
Dec 5, 2022
Read Full Writeuphttps://securitylab.github.com/research/apache-struts-double-evaluation/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
RCETLD hacking

Built with ❤️ by Shubham Rawat