3 matches found
CVE-2017-8918
XXE in Blackwave Dive Assistant – Desktop Edition 8.0 (Dive Assistant Template Builder) allows an attacker to view local files via a crafted template.xml. The vulnerability is XML External Entity (XXE) injection in the template builder that processes XML templates, enabling local-file disclosure....
Dive Assistant Template Builder 8.0 - XML External Entity Injection
Dive Assistant Template Builder 8.0 - XML External Entity Injection + Exploit Title: Dive Assistant - Template Builder XXE Injection + Date: 12-05-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.blackwave.com/ + Software Link:...
Dive Assistant Template Builder 8.0 - XML External Entity Injection
Exploit Title: Dive Assistant - Template Builder XXE Injection + Date: 12-05-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.blackwave.com/ + Software Link: http://www.diveassistant.com/Products/DiveAssistantDesktop/index.aspx + Version: 8.0 + Tested on: Windows 7 SP1, Windows...