Lucene search
K

8 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:58 p.m.47 views

K49033153: Apache Syncope vulnerabilities CVE-2018-1321 and CVE-2018-1322

Security Advisory Description CVE-2018-1321 An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations XSLT to perform malicious operations,...

7.2CVSS6.2AI score0.20502EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2018/11/06 11:17 p.m.7 views

org.apache.syncope:syncope-core-upgrader (>=1.2.0 <=1.2.10), org.apache.syncope:syncope-standalone (>=1.1.0 <=1.1.8) potentially affected by CVE-2018-1321 via org.apache.syncope:syncope-core (>=1.1.0 <=1.2.10)

org.apache.syncope:syncope-core MAVEN version =1.1.0, =1.2.0, =1.1.0, =1.1.8 Source cves: CVE-2018-1321 Source advisory: OSV:GHSA-XGC9-9W4V-H33H...

7.2CVSS7AI score0.18024EPSS
Exploits4
Packet Storm
Packet Storm
added 2018/09/15 12:0 a.m.108 views

Apache Syncope 2.0.7 Remote Code Execution

Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory: https://syncope.apache.org/security CVE:...

6.5CVSS0.3AI score0.20502EPSS
Exploits4
0day.today
0day.today
added 2018/09/15 12:0 a.m.78 views

Apache Syncope 2.0.7 Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows...

6.5CVSS6.7AI score0.20502EPSS
Exploits4
exploitpack
exploitpack
added 2018/09/13 12:0 a.m.95 views

Apache Syncope 2.0.7 - Remote Code Execution

Apache Syncope 2.0.7 - Remote Code Execution Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory:...

6.5CVSS0.3AI score0.20502EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/09/13 12:0 a.m.57 views

Apache Syncope 2.0.7 - Remote Code Execution

Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows Advisory: https://syncope.apache.org/security CVE:...

7.2CVSS7AI score0.20502EPSS
Exploits4
OSV
OSV
added 2018/03/20 5:29 p.m.12 views

CVE-2018-1321

An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations XSLT to perform malicious operations, including but not limited to file read, file...

7.2CVSS7.4AI score0.18024EPSS
Exploits4References3
CVE
CVE
added 2018/03/20 5:0 p.m.89 views

CVE-2018-1321

Apache Syncope vulnerability CVE-2018-1321: An administrator with report and template entitlements can abuse XSLT to perform malicious operations (read/write files, execute code) in affected releases of Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 (plus some unsupported 1.0/1.1 branc...

7.2CVSS7AI score0.18024EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder