Lucene search
K

14 matches found

NVD
NVD
added 2022/03/25 7:15 p.m.18 views

CVE-2021-44477

GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity XXE vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band OOB attack. The vulnerability is triggered when input...

7.5CVSS0.01052EPSS
Exploits0References1
Prion
Prion
added 2022/03/25 7:15 p.m.20 views

Xxe

GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity XXE vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band OOB attack. The vulnerability is triggered when input...

5CVSS7.6AI score0.01052EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/25 6:2 p.m.29 views

CVE-2021-44477 GE Gas Power ToolBoxST Improper Restriction of XML External Entity Reference

GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity XXE vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band OOB attack. The vulnerability is triggered when input...

7.5CVSS7.6AI score0.01052EPSS
Exploits0References1
NVD
NVD
added 2021/02/11 6:15 p.m.15 views

CVE-2021-27184

Pelco Digital Sentry Server 7.18.72.11464 has an XML External Entity vulnerability exploitable via the DTD parameter entities technique, resulting in disclosure and retrieval of arbitrary data on the affected node via an out-of-band OOB attack. The vulnerability is triggered when input passed to...

7.5CVSS0.01594EPSS
Exploits1References2
CVE
CVE
added 2021/02/11 5:38 a.m.47 views

CVE-2021-27184

Pelco Digital Sentry Server 7.18.72.11464 is vulnerable to XML External Entity (XXE) processing in DSControlPoint.exe when parsing ControlPointCacheShare.xml in %APPDATA% Pelco, enabling disclosure of arbitrary data on the affected node via an out-of-band (OOB) attack. Root cause is unsanitized i...

7.5CVSS7.4AI score0.01594EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2018/09/06 12:0 a.m.58 views

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications Title: NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection File Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Vendor: NovaRad Corporation Product web page: https://www.novarad.net Affected version: 8.5.19.75...

Exploits0
NVD
NVD
added 2018/07/03 2:29 p.m.16 views

CVE-2018-7783

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity XXE vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band OOB attack. The vulnerability is triggered when input...

7.5CVSS7.5AI score0.0156EPSS
Exploits0References1
Prion
Prion
added 2018/07/03 2:29 p.m.20 views

Xxe

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity XXE vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band OOB attack. The vulnerability is triggered when input...

5CVSS7.4AI score0.0156EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/07/03 2:0 p.m.18 views

CVE-2018-7783

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity XXE vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band OOB attack. The vulnerability is triggered when input...

7.5AI score0.0156EPSS
Exploits0References1
Zero Science Lab
Zero Science Lab
added 2018/04/07 12:0 a.m.592 views

KYOCERA Multi-Set Template Editor 3.4 Out-Of-Band XML External Entity Injection

Summary KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000 devices. Tasks that used to require multiple programs or walking to each printer can now be...

7.5CVSS5.9AI score0.00754EPSS
Exploits2
seebug.org
seebug.org
added 2017/12/11 12:0 a.m.31 views

Cimetrics BACnet Explorer 4.0 XXE Vulnerability

Summary The BACnet Explorer is a BACnet client application that helps auto discover BACnet devices. Description BACnetExplorer suffers from an XML External Entity XXE vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2017/02/13 12:0 a.m.43 views

Cimetrics BACnet Explorer 4.0 XXE Injection

Cimetrics BACnet Explorer 4.0 XXE Vulnerability Vendor: Cimetrics, Inc. Product web page: https://www.cimetrics.com Affected version: 4.0.0.0 Summary: The BACnet Explorer is a BACnet client application that helps auto discover BACnet devices. Desc: BACnetExplorer suffers from an XML External Enti...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/07/08 12:0 a.m.24 views

CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval

Exploit for multiple platform in category web applications CyberPower Systems PowerPanel 3.1.2 XXE Out-Of-Band Data Retrieval Vendor: CyberPower Systems, Inc. Product web page: https://www.cyberpowersystems.com Affected version: 3.1.2 37567 Business Edition Summary: The PowerPanel® Business Editi...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/12/13 12:0 a.m.32 views

Multiple vendor SOAP server (XML parser) denial of service (DTD parameter entities)

/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...

0.3AI score
Exploits0
Rows per page
Query Builder