9 matches found
EUVD-2018-15667
Malware in sbrugna...
FocalScope XML External Entity Injection Vulnerability
FocalScope is a cloud-based help desk solution. The product includes email ticketing, survey management, and implementation chat tools. An XML external entity injection vulnerability exists in FocalScope v2416 and prior versions. An attacker could exploit this vulnerability by submitting a...
CVE-2018-3881
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise...
CVE-2018-3881
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise...
Xxe
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise...
CVE-2018-3881
An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope's server that could cause an XXE, and potentially result in data compromise...
CVE-2018-3881
CVE-2018-3881 affects FocalScope v2416 and earlier: an unauthenticated XML External Entity (XXE) vulnerability that allows a crafted XML payload to cause data disclosure. TALOS details show the vulnerability is triggered via POST to /emm/cros /xlogin.asp with a crafted XML document, demonstrating...
FocalScope XML External Entity Injection Vulnerability
Summary An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope’s server that could cause an XXE, and potentially result in data compromise. Tested Versions...
focalscope.com XSS vulnerability
Vulnerable URL: http://www.focalscope.com/kb/askQuestion/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1005588 VIP website status:| No Check focalscope.com SSL connection:| Grade...