Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2017/10/30 2:0 p.m.149 views

CVE-2012-5357

CVE-2012-5357 affects Ektron CMS prior to 8.02 SP5. The vulnerability arises from XslCompiledTransform with enablescript set to true, allowing remote code execution with NETWORK SERVICE privileges via crafted XSL data. Documentation and third-party sources confirm RCE potential in Ektron’s XSLT h...

9.8CVSS9.6AI score0.67776EPSS
Exploits6References4Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2013/07/21 12:0 a.m.6 views

Ektron XSLT Transform Remote Code Execution (CVE-2012-5357)

A remote code execution vulnerability has been reported in Ektron CMS in XslCompiledTransform class...

9.5AI score0.67776EPSS
Exploits6
Packet Storm
Packet Stormadded 2012/12/05 12:0 a.m.31 views

Ektron 8.02 XSLT Transform Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/exploit/filedropper' class Metasploit3...

6.2CVSS0.5AI score0.67776EPSS
Exploits6
0day.today
0day.todayadded 2012/12/05 12:0 a.m.46 views

Ektron 8.02 XSLT Transform Remote Code Execution

This Metasploit module exploits a vulnerability in Ektron CMS 8.02 before SP5. The vulnerability exists due to the insecure usage of XslCompiledTransform, using a XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, which allows to execute...

7.5CVSS1AI score0.67776EPSS
Exploits6
Circl
Circladded 2012/12/05 12:0 a.m.20 views

CVE-2012-5357

creationtimestamp| type| source ---|---|--- 2012-12-05 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/23155 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ektronxsltexec.rb 2025-02-06 03:13:40+00:00| seen|...

9.8CVSS7.3AI score0.67776EPSS
Exploits6References2
Exploit DB
Exploit DBadded 2012/12/05 12:0 a.m.39 views

Ektron 8.02 - XSLT Transform Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/exploit/filedropper' class Metasploit3...

9.8CVSS9.6AI score0.67776EPSS
Exploits6
msvr
msvradded 2012/10/16 12:0 a.m.573 views

Vulnerabilities in Ektron CMS Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of two vulnerabilities affecting Ektron Web Content Management System CMS. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Ektron. Ektron...

6.2CVSS3.4AI score0.67776EPSS
Exploits7Affected Software1
Rows per page
Query Builder