Lucene search
K

126 matches found

NVD
NVD
added 2018/05/21 7:29 p.m.18 views

CVE-2018-8010

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...

5.5CVSS5.4AI score0.03917EPSS
Exploits0References3
Prion
Prion
added 2018/05/21 7:29 p.m.17 views

Xxe

This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion XXE in Solr config files solrconfig.xml, schema.xml, managed-schema. In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability...

2.1CVSS5.3AI score0.03917EPSS
Exploits0References3Affected Software1
Silent Robot Systems
Silent Robot Systems
added 2015/12/15 4:0 a.m.19 views

XML Entity Cheatsheet - Updated

An XML Entity testing cheatsheet. This is an updated version with nokogiri tests removed, just XXE notes. XML Declarations: 1 2 | ---|--- Vanilla entity test: 1 | &post ---|--- SYSTEM entity test xxe: 1 | ---|--- Parameter Entity. One of the benefits is a paremeter entity is automatically expande...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2015/09/03 9:43 p.m.21 views

Burp Suite Professional 1.6.26 - The Leading Toolkit for Web Application Security Testing

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security...

7.7AI score
Exploits0
Silent Robot Systems
Silent Robot Systems
added 2014/09/03 4:0 a.m.50 views

XML Entity Cheatsheet

An XML Entity testing cheatsheet. Testing was done using an older vulnerable version of nokogiri. In IRB you can require previous versions of gems. Certain techniques e.g. XInclude may require additional settings in Nokogiri. XML Headers: 1 2 | ---|--- Vanilla entity test: 1 | ---|--- SYSTEM enti...

6.9AI score
Exploits0
Silent Robot Systems
Silent Robot Systems
added 2014/09/03 4:0 a.m.15 views

XML Entity Cheatsheet

An XML Entity testing cheatsheet. Testing was done using an older vulnerable version of nokogiri. In IRB you can require previous versions of gems. Certain techniques e.g. XInclude may require additional settings in Nokogiri. XML Headers: 1 2 | ---|--- Vanilla entity test: 1 | &post ---|--- SYSTE...

6.9AI score
Exploits0
Rows per page
Query Builder