3 matches found
XML External Entity Reference in jbpmmigration
It was discovered that the XmlUtils class in jbpmmigration performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXtern...
ProcessMaker 3.0.1.7 - Multiple Vulnerabilities
Exploit Title: ProcessMaker v3.0.1.7 Multiple vulnerabilities Date: 31/05/2016 Author: Mickael Dorigny @ information-security.fr Vendor or Software Link: http://www.processmaker.com/ Version: 3.0.1.7 Category: Multiple Vulnerabilities ProcessMaker description :...
ProcessMaker 3.0.1.7 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: ProcessMaker v3.0.1.7 Multiple vulnerabilities Date: 31/05/2016 Author: Mickael Dorigny @ information-security.fr Vendor or Software Link: http://www.processmaker.com/ Version: 3.0.1.7 Category: Multiple Vulnerabilities ProcessMaker description :...