CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CNVD•added 2017/11/13 12:0 a.m.•1 views

Unspecified Vulnerability in Inedo BuildMaster

Inedo BuildMaster is a suite of automated deployment software from Inedo Japan. The software integrates a variety of tools to automate the deployment of application suites. A security vulnerability exists in versions of Inedo BuildMaster prior to 5.8.2, which stems from the program using...

9.8CVSS6.8AI score0.0078EPSS

Exploits0References1

NVD•added 2017/11/10 9:29 a.m.•7 views

CVE-2017-16521

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used...

9.8CVSS9.6AI score0.0078EPSS

Exploits0References5

Prion•added 2017/11/10 9:29 a.m.•8 views

Design/Logic Flaw

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used...

7.5CVSS9.5AI score0.0078EPSS

Exploits0References5Affected Software1

OSV•added 2017/11/10 9:29 a.m.•2 views

CVE-2017-16521

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used...

9.8CVSS5.8AI score

Exploits0References5

Cvelist•added 2017/11/10 9:0 a.m.•10 views

CVE-2017-16521

In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used...

9.6AI score0.0078EPSS

Exploits0References5

CVE•added 2017/11/10 9:0 a.m.•33 views

CVE-2017-16521

Inedo BuildMaster prior to 5.8.2 uses XslTransform where XslCompiledTransform should have been used. Affects Inedo BuildMaster versions before 5.8.2; root cause is the use of a non-compiled XSLT path. The CVE details from multiple sources (NVD/NVD CVE-2017-16521) indicate high severity, with reme...

9.8CVSS9.5AI score0.0078EPSS

Exploits0References5Affected Software1

Prion•added 2017/10/30 2:29 p.m.•18 views

Design/Logic Flaw

Ektron Content Management System CMS before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data...

7.5CVSS8.2AI score0.82595EPSS

Exploits5References4Affected Software1

NVD•added 2017/10/30 2:29 p.m.•14 views

CVE-2012-5357

9.8CVSS9.8AI score0.82595EPSS

Exploits5References4

CVE•added 2017/10/30 2:0 p.m.•132 views

CVE-2012-5357

CVE-2012-5357 affects Ektron CMS prior to 8.02 SP5. The vulnerability arises from XslCompiledTransform with enablescript set to true, allowing remote code execution with NETWORK SERVICE privileges via crafted XSL data. Documentation and third-party sources confirm RCE potential in Ektron’s XSLT h...

9.8CVSS9.6AI score0.82595EPSS

Exploits5References4Affected Software1

Check Point Advisories•added 2013/07/21 12:0 a.m.•4 views

Ektron XSLT Transform Remote Code Execution (CVE-2012-5357)

A remote code execution vulnerability has been reported in Ektron CMS in XslCompiledTransform class...

9.5AI score0.82595EPSS

Exploits5

Tenable Nessus•added 2012/12/12 12:0 a.m.•57 views

Ektron CMS XslCompiledTransform Class Request Parsing Remote Code Execution

The version of Ektron CMS hosted on the remote web server is affected by a remote code execution vulnerability. The vulnerability arises because the 'ekajaxtransform.aspx' script utilizes the .NET 'XslCompiledTransform' class with 'enablescript' set to true. Nessus was able to execute this...

9.8CVSS9.3AI score0.82595EPSS

Exploits5References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by