Security Update for Expression Design 2 (KB2667725)

This security update resolves a vulnerability in Microsoft Expression Design which could allow remote code execution if a user opens a legitimate file located in the same network directory as a specially crafted dynamic link library DLL file...

Security Update for Expression Design 3 (KB2667727)

This security update resolves a vulnerability in Microsoft Expression Design which could allow remote code execution if a user opens a legitimate file located in the same network directory as a specially crafted dynamic link library DLL file...

Expression Web V4 DE

Detectoid checking whether Expression Web V4 DE is installed...

Expression Web V4 ES

Detectoid checking whether Expression Web V4 ES is installed...

Expression Design V2 EN

Detectoid checking whether Expression Design V2 EN is installed...

CVE-2020-15143: Remote Code Execution in ParametersParser while using request parameters inside expression language

Impact Request parameters injected inside an expression evaluated by symfony/expression-language package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. The vulnerable versions...