Lucene search
K

92 matches found

securityvulns
securityvulns
added 2015/06/08 12:0 a.m.54 views

Apache Jackrabbit XXE

XXE via WebDAV request...

6.4CVSS3.5AI score0.51488EPSS
Exploits6References1Affected Software1
OSV
OSV
added 2015/05/29 3:59 p.m.1 views

DEBIAN-CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS7AI score0.51488EPSS
Exploits6References1
NVD
NVD
added 2015/05/29 3:59 p.m.14 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS6.4AI score0.51488EPSS
Exploits6References8
OSV
OSV
added 2015/05/29 3:59 p.m.5 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.3AI score
Exploits0References8
Prion
Prion
added 2015/05/29 3:59 p.m.23 views

Xxe

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS7AI score0.51488EPSS
Exploits6References8Affected Software1
OSV
OSV
added 2015/05/29 3:59 p.m.4 views

UBUNTU-CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS5.9AI score0.51488EPSS
Exploits6References4
UbuntuCve
UbuntuCve
added 2015/05/29 3:59 p.m.20 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS5.9AI score0.51488EPSS
Exploits6References3
Cvelist
Cvelist
added 2015/05/29 3:0 p.m.33 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.3AI score0.51488EPSS
Exploits6References8
CVE
CVE
added 2015/05/29 3:0 p.m.119 views

CVE-2015-1833

The CVE-2015-1833 issue is an XXE vulnerability in Apache Jackrabbit’s WebDAV handling where the XML parser can be coerced to read local/network resources. Affected versions include Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10....

6.4CVSS6.4AI score0.51488EPSS
Exploits6References8Affected Software1
Debian CVE
Debian CVE
added 2015/05/29 3:0 p.m.69 views

CVE-2015-1833

XML external entity XXE vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request...

6.4CVSS6.4AI score0.51488EPSS
Exploits6
0day.today
0day.today
added 2015/05/27 12:0 a.m.158 views

Apache Jackrabbit WebDAV XXE Exploit

Exploit for java platform in category web applications !/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833...

6.4CVSS0.1AI score0.51488EPSS
Exploits6
Exploit DB
Exploit DB
added 2015/05/26 12:0 a.m.109 views

Apache JackRabbit - WebDAV XML External Entity

!/usr/bin/env python """ Exploit Title: Jackrabbit WebDAV XXE Date: 25-05-2015 Software Link: http://jackrabbit.apache.org/jcr/ Exploit Author: Mikhail Egorov Contact: 0ang3el gmail com Website: http://0ang3el.blogspot.com CVE: CVE-2015-1833 Category: webapps 1. Description Jackrabbit WebDAV plug...

6.4CVSS6.4AI score0.51488EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Apache JackRabbit 2.0.0 webapp XPath Injection

No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Apache Jackrabbit 1.4/1.5 Content Repository (JCR) search.jsp q Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Apache Jackrabbit 1.4/1.5 Content Repository (JCR) swr.jsp q Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/33360/info Apache Jackrabbit is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/13 12:0 a.m.28 views

Apache JackRabbit 2.0.0 XPath Injection

Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/08/11 12:0 a.m.17 views

Apache JackRabbit 2.0.0 webapp XPath Injection Vulnerabilty

Exploit for jsp platform in category web applications =========================================================== Apache JackRabbit 2.0.0 webapp XPath Injection Vulnerabilty =========================================================== Title: Apache JackRabbit webapp XPath Injection Author: ADEO...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/08/11 12:0 a.m.16 views

Apache JackRabbit 2.0.0 - webapp XPath Injection

Apache JackRabbit 2.0.0 - webapp XPath Injection Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip...

7.7AI score
Exploits0
Exploit DB
Exploit DB
added 2010/08/11 12:0 a.m.23 views

Apache JackRabbit 2.0.0 - webapp XPath Injection

Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/12/24 12:0 a.m.8 views

apache Jackrabbit 1.5 跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
Rows per page
Query Builder