Lucene search
K

6 matches found

OSV
OSV
added 2019/07/26 9:15 p.m.4 views

CVE-2019-10266

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication...

7.5CVSS5.8AI score0.13301EPSS
Exploits4References2
CVE
CVE
added 2019/07/26 8:51 p.m.376 views

CVE-2019-10266

Affected product: Ahsay Cloud Backup Suite prior to 8.1.1.50. Issue: unauthenticated, out-of-bounds XML input can trigger XML External Entity (XXE) processing, enabling an attacker to read file structures and contents from the server. Root cause: improper handling of XML input leading to informat...

7.8CVSS7.3AI score0.13301EPSS
Exploits4References2Affected Software1
exploitpack
exploitpack
added 2019/07/26 12:0 a.m.138 views

Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection

Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection Unauthenticated XML External Entity XXE in Ahsay Backup v7.x - v8.1.0.50. Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81050/cbs-win.exe Version: 7.x...

7.8CVSS0.3AI score0.13301EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/26 12:0 a.m.365 views

Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection

Unauthenticated XML External Entity XXE in Ahsay Backup v7.x - v8.1.0.50. Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81050/cbs-win.exe Version: 7.x %remote;%intern; %trick; On http://attacker/oob add the following...

7.8CVSS7AI score0.13301EPSS
Exploits5
0day.today
0day.today
added 2019/07/26 12:0 a.m.56 views

Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection Vulnerability

Exploit for jsp platform in category web applications Unauthenticated XML External Entity XXE in Ahsay Backup v7.x - v8.1.0.50. Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81050/cbs-win.exe Version: 7.x...

7.8CVSS0.1AI score0.13301EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/07/26 12:0 a.m.132 views

Ahsay Backup 7.x / 8.x XML Injection

Unauthenticated XML External Entity XXE in Ahsay Backup v7.x - v8.1.0.50. Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81050/cbs-win.exe Version: 7.x %remote;%intern; %trick; On http://attacker/oob add the following...

0.13301EPSS
Exploits5
Rows per page
Query Builder