Lucene search
K

10 matches found

NVD
NVD
added 2015/02/14 3:1 a.m.20 views

CVE-2015-0931

Ektron Content Management System CMS 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue...

6.8CVSS7.6AI score0.02441EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2009/10/30 12:0 a.m.36 views

Google Appliance ProxyStyleSheet Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Google...

7.5CVSS0.4125EPSS
Exploits4
Metasploit
Metasploit
added 2009/04/13 2:33 p.m.76 views

Google Appliance ProxyStyleSheet Command Execution

This module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 GA-2005-08-m. The target appliance must be able to connect back to...

7.5CVSS0.4125EPSS
Exploits4
NVD
NVD
added 2005/11/22 9:3 p.m.34 views

CVE-2005-3757

The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as 1 system-property...

7.5CVSS7.3AI score0.4125EPSS
Exploits4References7
Cvelist
Cvelist
added 2005/11/22 9:0 p.m.33 views

CVE-2005-3757

The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as 1 system-property...

7.3AI score0.4125EPSS
Exploits4References7
CVE
CVE
added 2005/11/22 9:0 p.m.58 views

CVE-2005-3757

The CVE-2005-3757 issue affects the Saxon XSLT parser used by Google Mini Search Appliance (and possibly Google Search Appliance). The vulnerability arises from dangerous Java methods (system-property, sys:getProperty, run:exec) in the select attribute of xsl:value-of in XSLT style sheets, enabli...

7.5CVSS7.4AI score0.4125EPSS
Exploits4References7Affected Software2
Debian CVE
Debian CVE
added 2005/11/22 9:0 p.m.65 views

CVE-2005-3757

Removed by vendor...

7.5CVSS6.9AI score0.4125EPSS
Exploits4
securityvulns
securityvulns
added 2005/11/21 12:0 a.m.42 views

[Full-disclosure] Google Search Appliance proxystylesheet Flaws

This document can be found online at: - http://metasploit.com/research/vulns/googleproxystylesheet/ Title: Google Search Appliance proxystylesheet Flaws Release Date: November 21, 2005 Patch Date: August 16, 2005 Reported Date: June 10, 2005 Vendor: Google Systems Affected: Google Mini Search...

7.6AI score
Exploits0
Packet Storm
Packet Storm
added 2005/11/20 12:0 a.m.24 views

google.pm.txt

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/11/20 12:0 a.m.12 views

Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)

Google Search Appliance - proxystylesheet XSLT Java Code Execution Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license a...

0.3AI score
Exploits0
Rows per page
Query Builder