70 matches found
OpenFire User Import Export Plugin XML External Entity Injection Vulnerability
OpenFire is an open source real-time collaboration (RTC) server. The User Import Export Plugin provides the ability to import and export Openfire user data through the management console. An XML external entity injection vulnerability exists in the OpenFire User Import Export Plugin version...
Design/Logic Flaw
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability...
CVE-2017-2815
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability...
CVE-2017-2815
OpenFire User Import Export Plugin 2.6.0 is vulnerable to XML External Entity (XXE) injection (CVE-2017-2815). An authenticated attacker can send a crafted request to trigger XXE, enabling retrieval of arbitrary files or causing a Denial of Service. Affected component: OpenFire User Import Export...
CVE-2015-5609
The CVE-2015-5609 entry describes an absolute path traversal in the WordPress Image Export plugin 1.1, allowing remote attackers to read and delete arbitrary files via a full pathname passed to download.php. Affected component is the WordPress Image Export plugin (version 1.1); root cause is a pa...
CVE-2015-5609
Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote attackers to read and delete arbitrary files via a full pathname in the file parameter to download.php...
Mantis Bug Tracker 1.2.17 PHP Code Injection Vulnerability
Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability. Mantis Bug Tracker $newId $bugData = bug_get( $newId, true ); $bugLinkRegexp = '/(^|[^\w])(' . preg_quote...
Mantis Bug Tracker 1.2.17 PHP Code Injection
Mantis Bug Tracker $newId $bugData = bug_get( $newId, true ); $bugLinkRegexp = '/(^|[^\w])(' . preg_quote( $this->source_->issuelink, '/' ) . ')(\d+)\b/e'; $replacement = '"\1" . $this->getReplacementString( "\2", "\3"...
mantisbt: arbitrary code execution and unrestricted access
CVE-2014-7146: arbitrary code execution. When importing data with the plugin, user input passed through the "description" field and the "issuelink" attribute of the uploaded XML file isn't properly sanitized before being used in a call to the preg_replace() function, which uses the 'e' modifier. This...