The vulnerability of the XML Parsing component in the Easy XML Editor allows a hacker to cause a service failure in the application or to read arbitrary files from the system.

The vulnerability of the XML Parsing component in the Easy XML Editor is related to errors in processing XML requests. Exploiting this vulnerability can allow an attacker to cause service failures in the application or enable them to read arbitrary files in the system by running a specially craft...

Easy XML Editor 1.7.8 - XML External Entity Injection Vulnerability

Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Tested on: Windows 10...

Easy XML Editor 1.7.8 - XML External Entity Injection

Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched...

Easy XML Editor 1.7.8 - XML External Entity Injection

Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Teste...

Easy XML Editor Code Problem Vulnerability

Easy XML Editor is an XML editor. A code issue vulnerability exists in Easy XML Editor v1.7.8 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No detailed vulnerability details are provided at this...

CVE-2019-19031

Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...

CVE-2019-19031

Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...

Xxe

Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...

CVE-2019-19031

CVE-2019-19031 affects Easy XML Editor up to version 1.7.8 (and earlier). The issue is an XML External Entity Injection in the XML parsing component, triggered by a specially crafted XML payload. Ranked with high impact in CVSS 3.1: high confidentiality and availability impacts (C:H, A:H) and net...

CVE-2019-19031

Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...