Lucene search
K

6 matches found

CVE
CVE
added 2015/09/16 6:0 p.m.71 views

CVE-2015-3623

The CVE-2015-3623 entry documents an XXE vulnerability in QlikTech QlikView prior to version 11.20 SR12. The flaw occurs in the AccessPoint.aspx XML parser, allowing an unauthenticated remote attacker to perform server-side request forgery (SSRF) and read arbitrary files via specially crafted XML...

6.4CVSS6.4AI score0.1576EPSS
Exploits5References3Affected Software1
Kaspersky
Kaspersky
added 2015/09/16 12:0 a.m.60 views

KLA10668 File access vulnerability in QlikTech QlikView

XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data. Original advisories - Exploitation Public exploits exist for this...

6.4CVSS6.4AI score0.1576EPSS
Exploits5References2
exploitpack
exploitpack
added 2015/09/09 12:0 a.m.61 views

Qlikview 11.20 SR11 - Blind XML External Entity Injection

Qlikview 11.20 SR11 - Blind XML External Entity Injection Exploit Title: Qlikview blind XXE security vulnerability Product: Qlikview Vulnerable Versions: v11.20 SR11 and previous versions Tested Version: v11.20 SR4 Advisory Publication: 08/09/2015 Latest Update: 08/09/2015 Vulnerability Type:...

6.4CVSS0.5AI score0.1576EPSS
Exploits5
0day.today
0day.today
added 2015/09/09 12:0 a.m.82 views

Qlikview 11.20 SR11 - Blind XXE Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Qlikview blind XXE security vulnerability Product: Qlikview Vulnerable Versions: v11.20 SR11 and previous versions Tested Version: v11.20 SR4 Advisory Publication: 08/09/2015 Latest Update: 08/09/2015 Vulnerability Type: Imprope...

6.4CVSS0.4AI score0.1576EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/09/09 12:0 a.m.56 views

Qlikview 11.20 SR4 Blind XXE Injection

Exploit Title: Qlikview blind XXE security vulnerability Product: Qlikview Vulnerable Versions: v11.20 SR11 and previous versions Tested Version: v11.20 SR4 Advisory Publication: 08/09/2015 Latest Update: 08/09/2015 Vulnerability Type: Improper Restriction of XML External Entity Reference CWE-611...

6.4CVSS0.3AI score0.1576EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/09/09 12:0 a.m.98 views

Qlikview 11.20 SR11 - Blind XML External Entity Injection

Exploit Title: Qlikview blind XXE security vulnerability Product: Qlikview Vulnerable Versions: v11.20 SR11 and previous versions Tested Version: v11.20 SR4 Advisory Publication: 08/09/2015 Latest Update: 08/09/2015 Vulnerability Type: Improper Restriction of XML External Entity Reference CWE-611...

6.5CVSS7AI score0.1576EPSS
Exploits5
Rows per page
Query Builder