5 matches found
SAP Internet Graphics Server (IGS) XMLCHART XXE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Internet Graphics Server IGS XMLCHART XXE', 'Description' = %q This module exploits CVE-2018-2392 and CVE-2018-2393, two XXE vulnerabilities...
SAP Internet Graphics Server (IGS) XMLCHART XXE
This module exploits CVE-2018-2392 and CVE-2018-2393, two XXE vulnerabilities within the XMLCHART page of SAP Internet Graphics Servers IGS running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when...
CVE-2018-2392
creationtimestamp| type| source ---|---|--- 2020-10-07 16:19:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/sap/sapigsxmlchartxxe.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:07+00:00| seen|...
CVE-2018-2392
Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...
CVE-2018-2392
Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...