SharePoint 2007/2010 and DotNetNuke < 6 - File disclosure via XEE

No description provided by source. Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke 6 CVE : CVE-2011-1892 poc filename: xee.xml !DOCTYPE doc !ENTITY boom SYSTEM...

SharePoint 2007 / 2010 And DotNetNuke File Disclosure

Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke poc filename: xee.xsl...

SharePoint 20072010 and DotNetNuke 6 - File Disclosure (via XEE)

SharePoint 20072010 and DotNetNuke 6 - File Disclosure via XEE Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke poc filename: xee.xsl...

XEE vulnerabilities in SharePoint &#40;MS11-074&#41; and DotNetNuke

Hello, Microsoft recently published MS11-074. This bulletin concerns mainly SharePoint 2007 and 2010 but CVE-2011-1892 applies too to Office Groove client and server, Office Forms Server 2007 and Office Web Apps 2010. The vulnerability is a "XML External Entity Reference" one, as described in...

SharePoint 2007/2010 and DotNetNuke &lt; 6 - File Disclosure (via XEE)

Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke poc filename: xee.xsl...

File disclosure via XEE in SharePoint 2007/2010 and DotNetNuke < 6

Exploit for windows platform in category web applications Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke Date: September 15, 2011 Author: Nicolas Gregoire Version: SharePoint 2007 / 2010, DotNetNuke poc filename: xee.xsl 0day.today 2018-01-05...

CVE-2011-1892

CVE-2011-1892 targets SharePoint-related products (SharePoint Server/Workspace/ Groove components, Office Web Apps, Windows SharePoint Services, etc.). The flaw is an XXE-style vulnerability where Web Parts containing XML classes referencing external entities allow remote authenticated users to r...