Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

GithubExploit
GithubExploitadded 2026/05/15 2:54 p.m.48 views

Zor-Seviye-xxe-Lab

AltaySec SOC Policy Manager — Zor Seviye Blind OOB XXE Lab...

5.8AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/07/13 9:22 a.m.11 views

CVE-2025-6438

A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external entities injection resulting in unauthorized file access when the server is accessed via the network using an application account...

5.9CVSS6.6AI score0.00257EPSS
Exploits1References1
OSV
OSVadded 2025/05/29 5:27 p.m.3 views

GHSA-42HM-PQ2F-3R7M PHPOffice Math allows XXE when processing an XML file in the MathML format

Product: Math Version: 0.2.0 CWE-ID: CWE-611: Improper Restriction of XML External Entity Reference CVSS vector v.4.0: 8.7 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS vector v.3.1: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Description: An attacker can create a special XML file, duri...

8.7CVSS7AI score0.00369EPSS
Exploits0References4
NVD
NVDadded 2025/05/14 6:15 p.m.8 views

CVE-2025-4639

CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder method of WebDav servlet in Peergos. This issue affects Peergos through version 1.1.0...

8.8CVSS0.00224EPSS
Exploits0References1
CVE
CVEadded 2025/05/14 6:4 p.m.34 views

CVE-2025-4639

CVE-2025-4639 affects Peergos up to version 1.1.0, due to CWE-611 (Improp er Restriction of XML External Entity Reference) in the WebDav servlet’s getDocumentBuilder() method. Multiple sources corroborate the issue in Peergos 1.1.0 and earlier, describing a vulnerability that can impact confident...

8.8CVSS7.2AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/02/05 10:23 a.m.3 views

CVE-2024-12476

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation integrity and potential remote code execution on the compromised computer, when specific crafted XML file is imported in the Web Designer configuration...

8.4CVSS7.5AI score0.00311EPSS
Exploits0References1
CVE
CVEadded 2025/01/17 9:42 a.m.39 views

CVE-2024-12476

CVE-2024-12476 affects Schneider Electric Web Designer configuration tool. The defect is an XML External Entity (XXE) reference vulnerability (CWE-611) in the XML import path, leading to information disclosure, potential workstation integrity impact, and possible remote code execution on the comp...

8.4CVSS8AI score0.00311EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2020/07/07 4:32 p.m.37 views

XXE attack in Mapfish Print

Impact A user can do to an XML External Entity XXE attack with the provided SDL style. Patches Use version = 3.24 Workarounds No References https://cwe.mitre.org/data/definitions/611.html https://github.com/mapfish/mapfish-print/pull/1397/commits/e1d0527d13db06b2b62ca7d6afb9e97dacd67a0e For more...

9.3CVSS8.8AI score0.00342EPSS
Exploits0References5Affected Software3
Exploit DB
Exploit DBadded 2020/01/29 12:0 a.m.152 views

XMLBlueprint 16.191112 - XML External Entity Injection

Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version: 16.191112 and before Patched Version: unpatched Category:...

8.1CVSS8.2AI score0.05371EPSS
Exploits5
Rows per page
Query Builder