CVE-2024-8010

The CVE-2024-8010 entry concerns an XML External Entity (XXE) injection in WSO2 API Manager where XML input accepted through the publisher does not disable external entity resolution. This allows a remote attacker to read confidential files from the product’s filesystem or access limited HTTP res...

WSO2 API Manager 安全漏洞

The WSO2 API Manager is a set of API lifecycle management solutions provided by the American company WSO2. There is a security vulnerability present in the WSO2 API Manager publishers. This vulnerability stems from the component’s inability to disable external entity resolution when accepting XML...

Joomla Publisher Component Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in Joomla Publisher Component. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVE-2020-17454

WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. More precisely, it is possible to inject an XSS payload into the owner POST parameter, which does not filter user inputs. By putting an XSS payload in place of a valid Owner Name, a modal box...

Oracle Fusion Middleware BI Publisher Component Access Control Error Vulnerability (CNVD-2019-39893)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's Oracle business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. BI Publisher formerly known as XML Publisher is one of the reporting components. An access contro...

Oracle Fusion Middleware BI Publisher Component Access Control Error Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's Oracle business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. BI Publisher formerly known as XML Publisher is one of the reporting components. An access contro...

Joomla! com_publisher component SQL injection vulnerability

Joomla! is an open source content management system CMS. The system provides RSS feeds , site search and other functions . A SQL injection vulnerability exists in the Joomla! compublisher component. An attacker can use this vulnerability to take control of the application, access or modify data, ...

Joomla Publisher component SQLi Vulnerability

Joomla Publisher component is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2010-2413

CVE-2010-2413 affects Oracle BI Publisher (Oracle Fusion Middleware) versions 10.1.3.3.2 and 10.1.3.4.1. The vulnerability is described as an unspecified issue in BI Publisher that could allow remote attackers to affect integrity via unknown vectors. Oracle’s October 2010 Critical Patch Update li...