openkylin
/
openkylin-exploit-db
mirror of https://gitee.com/openkylin/openkylin-exploit-db.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

add cve/apache-Struts/2019/CVE-2019-0230/README.md. 

Signed-off-by: fanyunpeng <cn_2023@buaa.edu.cn>
This commit is contained in:
fanyunpeng 2023-03-16 09:13:36 +00:00 committed by Gitee
parent 6aa3620024
commit f52141ccef
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
cve/apache-Struts/2019/CVE-2019-0230/README.md Normal file
View File

@ -0,0 +1,21 @@
# Apache Struts 2.5.20 - Double OGNL evaluation
Exploit Author: Lucas Souza https://lsass.io
Vendor Homepage: https://apache.org/
Version: 2.4.49
Tested on: 2.4.49
CVE : CVE-2019-0230
Credits: Ash Daulton and the cPanel Security Team
# Usage
```
python CVE-2019-0230.py +
-target : Target address
-command : Command to execute
-debug : Enable debugging
-proxy : Enable proxy
```
# reference
http://packetstormsecurity.com/files/160108/Apache-Struts-2.5.20-Double-OGNL-Evaluation.html
http://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
https://cwiki.apache.org/confluence/display/ww/s2-059
https://launchpad.support.sap.com/#/notes/2982840
https://www.oracle.com/security-alerts/cpujan2021.html