21 matches found
EUVD-2021-0069
Malware in sbrugna...
Easy-XML XML External Entity Injection Vulnerability
Easy-Xml is used to provide a simplified view of Xml documents.Easy-XML is vulnerable to XML external entity injection, which stems from errors such as configuration during the operation of a network system or product, and can be exploited by an unauthorized attacker to obtain sensitive informati...
XML External Entity vulnerability in Easy-XML
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
GHSA-V899-28G4-QMH8 XML External Entity vulnerability in Easy-XML
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
XML External Entity (XXE) Injection
easy-xml is vulnerable to XML external entity injection. When processing XML data, the parseXML function in init .py allows an attacker to access sensitive data or crash the application...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
PYSEC-2021-388
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
Xxe
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
PYSEC-2021-388
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity XXE vulnerability which allows for an attacker to expose sensitive data or perform a denial of service DOS via a crafted external entity entered into the XML content as input...
CVE-2020-26705
CVE-2020-26705 affects Easy-XML 0.5.0, where the parseXML function is vulnerable to XML External Entity (XXE) processing. The underlying issue allows an attacker to expose sensitive data or cause a denial of service via a crafted external entity in the XML input. Exploitation details are not prov...
Easy XML Editor 1.7.8 - XML External Entity Injection Vulnerability
Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Tested on: Windows 10...
Easy XML Editor 1.7.8 - XML External Entity Injection
Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched...
Easy XML Editor 1.7.8 - XML External Entity Injection
Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Teste...
Easy XML Editor Code Problem Vulnerability
Easy XML Editor is an XML editor. A code issue vulnerability exists in Easy XML Editor v1.7.8 and prior versions. The vulnerability stems from an improperly designed or implemented code development process for a web-based system or product. No detailed vulnerability details are provided at this...
CVE-2019-19031
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...
CVE-2019-19031
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...
Xxe
Easy XML Editor through v1.7.8 is affected by: XML External Entity Injection. The impact is: Arbitrary File Read and DoS by consuming resources. The component is: XML Parsing. The attack vector is: Specially crafted XML payload...
CVE-2019-19031
CVE-2019-19031 affects Easy XML Editor up to version 1.7.8 (and earlier). The issue is an XML External Entity Injection in the XML parsing component, triggered by a specially crafted XML payload. Ranked with high impact in CVSS 3.1: high confidentiality and availability impacts (C:H, A:H) and net...