Lucene search
K

4 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.11 views

CVE-2015-0923

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ektronxsltexecws.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:35+00:00| seen|...

5CVSS5.7AI score0.22034EPSS
Exploits3References1
0day.today
0day.today
added 2017/03/04 12:0 a.m.45 views

Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution Exploit

Ektron versions 8.5, 8.7 equal to and below sp1, and 9.0 before sp1 have vulnerabilities in various operations within the ServerControlWS.asmxweb services. These vulnerabilities allow for remote code execution without authentication and execute in the context of IIS on the remote system. This...

5CVSS7.8AI score0.22034EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/03/04 12:0 a.m.136 views

Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ektron 8.5, 8.7, 9.0 XSLT Transform Remote Code Execution', 'Description' = %q Ektron 8.5, 8.7 'catatonicprime' , 'License' =...

5CVSS0.5AI score0.22034EPSS
Exploits3
CVE
CVE
added 2015/02/14 2:0 a.m.57 views

CVE-2015-0923

The CVE-2015-0923 vulnerability affects Ektron CMS versions 8.5, 8.7 before 8.7sp2, and 9.0 before sp1, in ContentBlockEx via Workarea/ServerControlWS.asmx. An XML External Entity (XXE) flaw arises when an XML document is named in the xslt parameter, allowing remote, unauthenticated readers to ac...

5CVSS6.9AI score0.22034EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder