Exploit for Improper Restriction of XML External Entity Reference in Wordpress

CVE-2021-29447-PoC Overview CVE-2021-29447 is an XML Exte...

MediaWiki XXE Vulnerability - Windows

The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service DoS, or possibly have other impact via an XML external entity XXE attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

Xxe

The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack. NOTE: Related to CVE-2014-2053...

CVE-2014-9487

CVE-2014-9487 involves the getID3 library used by MediaWiki. The flaw enables an XML External Entity (XXE) attack that can cause the system to read arbitrary files, with potential denial of service or other impact. Affected MediaWiki versions are 1.19.23, 1.22.15, 1.23.8, and 1.24.0 prior to 1.24...

CVE-2014-9487

The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity XXE attack. NOTE: Related to CVE-2014-2053...

getID3 library and Audio, Mediafield - arbitrary code execution

The getID3 library used by Audio and Mediafield contains a directory with scripts demonstrating use of the library. These scripts allow any visitor to browse the filesystem, read and delete files or write to zero-byte files or files with an mp3 extension. These actions are only limited by the...