I believe the vulnerability listed here matches quite closely what you are seeing:
http://www.exploit-db.com/exploits/14360/
So it seems to be a problem with the Struts/XWork framework and you should look into upgrading that to a newer version. This specific vulnerability reports says that version 2.2.0 fixes this problem.
