Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.6 views

CVE-2023-26267

php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXMLDTDLOAD | \LIBXMLDTDATTR...

6.5CVSS7.1AI score0.0052EPSS
Exploits0References1
Circl
Circl
added 2023/02/21 12:16 p.m.8 views

CVE-2023-26267

creationtimestamp| type| source ---|---|--- 2023-02-21 12:16:33+00:00| seen| https://t.me/cibsecurity/58561...

6.5CVSS6.3AI score0.0052EPSS
Exploits0References1
OSV
OSV
added 2023/02/21 9:15 a.m.4 views

CVE-2023-26267

php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXMLDTDLOAD | \LIBXMLDTDATTR...

6.5CVSS6.7AI score0.0052EPSS
Exploits0References2
CVE
CVE
added 2023/02/21 12:0 a.m.38 views

CVE-2023-26267

The vulnerability CVE-2023-26267 affects php-saml-sp in versions before 1.1.1 and 2.x before 2.1.1. It allows reading arbitrary files as the webserver user because XML external entities are silently resolved via LIBXML_DTDLOAD and LIBXML_DTDATTR. No exploitation details are provided in the source...

6.5CVSS6.5AI score0.0052EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/21 12:0 a.m.15 views

CVE-2023-26267

php-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \LIBXMLDTDLOAD | \LIBXMLDTDATTR...

6.6AI score0.0052EPSS
Exploits0References2
Rows per page
Query Builder