22 matches found
EUVD-2021-0069
Malware in sbrugna...
Easy-XML XML External Entity Injection Vulnerability
Easy-Xml is used to provide a simplified view of Xml documents.Easy-XML is vulnerable to XML external entity injection, which stems from errors such as configuration during the operation of a network system or product, and can be exploited by an unauthorized attacker to obtain sensitive informati...
XML External Entity vulnerability in Easy-XML
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
GHSA-V899-28G4-QMH8 XML External Entity vulnerability in Easy-XML
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
XML External Entity (XXE) Injection
easy-xml is vulnerable to XML external entity injection. When processing XML data, the parseXML function in init .py allows an attacker to access sensitive data or crash the application...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
PYSEC-2021-388
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
Xxe
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
PYSEC-2021-388
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
CVE-2020-26705 affects Easy-XML 0.5.0, where the parseXML function is vulnerable to XML External Entity (XXE) processing. The underlying issue allows an attacker to expose sensitive data or cause a denial of service via a crafted external entity in the XML input. Exploitation details are not prov...
The vulnerability of the XML Parsing component in the Easy XML Editor allows a hacker to cause a service failure in the application or to read arbitrary files from the system.
The vulnerability of the XML Parsing component in the Easy XML Editor is related to errors in processing XML requests. Exploiting this vulnerability can allow an attacker to cause service failures in the application or enable them to read arbitrary files in the system by running a specially craft...
Easy XML Editor 1.7.8 - XML External Entity Injection Vulnerability
Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Tested on: Windows 10...
Easy XML Editor 1.7.8 - XML External Entity Injection
Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched...
Easy XML Editor 1.7.8 - XML External Entity Injection
Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Teste...
Easy XML Editor Code Problem Vulnerability
Easy XML Editor is an XML editor. A code issue vulnerability exists in Easy XML Editor v1.7.8 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No detailed vulnerability details are provided at this...
CVE-2019-19031
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...
CVE-2019-19031
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...
Xxe
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...