CVE-2010-1622

The writeup describes CVE-2010-1622, a critical vulnerability in the Spring Framework allowing arbitrary code execution by manipulating the class loader's URLs via HTTP parameters. It outlines the attack steps, including crafting a malicious JAR and submitting a specially crafted HTTP request to exploit the vulnerability.

This repository contains a functional PoC for CVE-2022-22965, a Spring Framework RCE vulnerability. It includes a vulnerable Spring application and a Python script to exploit it by deploying a JSP webshell via malicious parameter binding.

This repository provides a Dockerized learning environment for CVE-2010-1622, a vulnerability in Apache Tomcat 6.0.26. It includes a Spring MVC application with controllers that demonstrate the vulnerability, allowing users to interact with the environment to understand the exploit mechanics.

The repository contains minimal Spring MVC code demonstrating a basic controller and POJO but lacks any exploit code or technical details related to CVE-2010-1622. No vulnerability demonstration or analysis is present.