13 matches found
XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml...
GHSA-VVWV-H69M-WG6F XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml...
XML External Entity (XXE)
PHPOffice PhpSpreadsheet is vulnerable to XXE. The fix to prevent CVE-2018-19277 was not sufficient to protect against the previous vulnerability. An attacker is able to bypass the mitigation by double-encoding the the XML payload into utf-7 and bypass the check for the string ?!ENTITY?...
CVE-2019-12331
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml...
Xxe
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml...
CVE-2019-12331
PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to utf-8 if something else than UTF-8 is declared in the header. This was a security measurement to prevent CVE-2018-19277 but the fix is not sufficient. By double-encoding the the xml...
PhpSpreadsheet 1.5.0 XXE vulnerability reproduction and analysis-vulnerability warning-the black bar safety net
0x01 introduction PhpSpreadsheet is a very popular pure PHP class library that allows you to easily read and write Excel, LibreOffic Calc and other spreadsheet file formats, is PHPExcel alternative. 2018 11 October 13, PhpSpreadsheet was broke presence of the XXE vulnerability, CVE-2018-19277, in...
PhpSpreadsheet XML External Entity Injection (CVE-2018-19277)
An XML external entity injection vulnerability exists in PhpSpreadsheet library. The vulnerability is due to a failure to properly handle external entity references in XML files. A successful exploitation of this vulnerability could result in the disclosure of file contents from the target system...
PhpSpreadsheet < 1.5.0 - XML External Entity (XXE) Vulnerability
Exploit for php platform in category web applications Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One...
PhpSpreadsheet < 1.5.0 - XML External Entity (XXE)
Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One vulnerability was identified within the PhpSpreadsheet...
PhpSpreadsheet 1.5.0 - XML External Entity (XXE)
PhpSpreadsheet 1.5.0 - XML External Entity XXE Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One vulnerability...
CVE-2018-19277
securityScan in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file...
CVE-2018-19277
CVE-2018-19277 affects PhpSpreadsheet (PHPOffice) up to version 1.5.0. The flaw: the library’s XML handling in Xlsx files can bypass protection via UTF-7 encoding, enabling an XML External Entity (XXE) attack. Root cause per sources: XmlScanner/Xml parsing when declared encoding differs from UTF-...