92 matches found
Apache Jackrabbit XXE
XXE via WebDAV request...
DEBIAN-CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
Xxe
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
UBUNTU-CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
CVE-2015-1833
The CVE-2015-1833 issue is an XXE vulnerability in Apache Jackrabbit’s WebDAV handling where the XML parser can be coerced to read local/network resources. Affected versions include Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10....
CVE-2015-1833
XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...
Apache Jackrabbit WebDAV XXE Exploit
Exploit for java platform in category web applications !/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833...
Apache JackRabbit - WebDAV XML External Entity
!/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833 Category: webapps 1. Description Jackrabbit WebDAV plug...
Apache JackRabbit 2.0.0 webapp XPath Injection
No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...
Apache Jackrabbit 1.4/1.5 Content Repository (JCR) search.jsp q Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...
Apache Jackrabbit 1.4/1.5 Content Repository (JCR) swr.jsp q Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...
Apache JackRabbit 2.0.0 XPath Injection
Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...
Apache JackRabbit 2.0.0 webapp XPath Injection Vulnerabilty
Exploit for jsp platform in category web applications =========================================================== Apache JackRabbit 2.0.0 webapp XPath Injection Vulnerabilty =========================================================== Title: Apache JackRabbit webapp XPath Injection Author: ADEO...
Apache JackRabbit 2.0.0 - webapp XPath Injection
Apache JackRabbit 2.0.0 - webapp XPath Injection Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip...
Apache JackRabbit 2.0.0 - webapp XPath Injection
Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...
apache Jackrabbit 1.5 跨站脚本漏洞
No description provided by source...