Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 4:34 p.m.19 views

CVE-2020-26564

ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have !ENTITY content, create a .xml file for a generic survey template containing a link to this .css file, and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey'importFile'...

6.5CVSS6.8AI score0.01121EPSS
Exploits5
cve
cve
added 2021/07/31 4:28 p.m.130 views

CVE-2020-26564

ObjectPlanet Opinio is affected by XXE in versions before 7.15. The vulnerability arises from a sequence where an attacker modifies a CSS file to include an ENTITY, creates an XML that references that CSS, and imports the XML via the survey admin interface, enabling an XXE that can be triggered d...

6.5CVSS6.7AI score0.01121EPSS
Exploits5References2Affected Software1
zdt
zdt
added 2021/07/30 12:0 a.m.159 views

ObjectPlanet Opinio 7.13 / 7.14 XML Injection Vulnerability

Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26564 Exploit Title: ObjectPlanet Opinio version 7.13/7.14 allows XXE injection Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timothy Tan ...

6.5CVSS0.01121EPSS
Exploits5
packetstorm
packetstorm
added 2021/07/30 12:0 a.m.254 views

ObjectPlanet Opinio 7.13 / 7.14 XML Injection

Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26564 Exploit Title: ObjectPlanet Opinio version 7.13/7.14 allows XXE injection Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors: Timothy Tan ...

6.9AI score0.01121EPSS
Exploits5
Rows per page
Query Builder