Lucene search
K

5 matches found

Cvelist
Cvelist
added 2018/06/05 9:0 p.m.15 views

CVE-2018-11586

XML external entity XXE vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

9.3AI score0.1517EPSS
Exploits5References3
CVE
CVE
added 2018/06/05 9:0 p.m.63 views

CVE-2018-11586

The CVE-2018-11586 entry describes an XML External Entity (XXE) vulnerability in SearchBlox 8.6.7, specifically in api/rest/status. The root cause is improper XML parsing that allows a crafted DTD to cause remote file disclosure and server-side request forgery (SSRF), enabling remote unauthentica...

9.8CVSS9.2AI score0.1517EPSS
Exploits5References3Affected Software1
Packet Storm
Packet Storm
added 2018/06/04 12:0 a.m.57 views

SearchBlox 8.6.7 XML External Entity Injection

Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 1. DETAILS An XML External Entity attack is a typ...

9.7AI score0.1517EPSS
Exploits5
0day.today
0day.today
added 2018/06/04 12:0 a.m.86 views

SearchBlox 8.6.7 - XML External Entity Injection Vulnerability

Exploit for java platform in category web applications Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE:...

0.1517EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/04 12:0 a.m.45 views

SearchBlox 8.6.7 - XML External Entity Injection

SearchBlox 8.6.7 - XML External Entity Injection Exploit Title: SearchBlox 8.6.7 Out-Of-Band XML eXternal Entity OOB-XXE Exploit Author: Ahmet GUREL, Canberk BOLAT Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.7 Platform: Java Tested on: Windows CVE: CVE-2018-11586 ...

7.5CVSS9.9AI score0.1517EPSS
Exploits5
Rows per page
Query Builder