7 matches found
ventrian News-Articles XML External Entity Injection Vulnerability
ventrian News-Articles is a backend system for publishing and managing news. An XML external entity injection vulnerability exists in the News-Articles/API/MetaWebLog/Handler.ashx.vb file in ventrian News-Articles version 00.09.11. An attacker can use this vulnerability to read arbitrary files on...
CVE-2018-1000515
ventrian News-Articles version NewsArticles.00.09.11 contains an XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in an attacker reading any file on the server or using an smbrelay attack to access the server...
Xxe
ventrian News-Articles version NewsArticles.00.09.11 contains an XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in an attacker reading any file on the server or using an smbrelay attack to access the server...
CVE-2018-1000515
ventrian News-Articles version NewsArticles.00.09.11 contains an XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in an attacker reading any file on the server or using an smbrelay attack to access the server...
SAP NetWeaver EPS - Multiple missing auth check
Application: SAP NetWeaver ABAP Versions Affected: SAP NetWeaver ABAP Vendor URL: http://www.sap.com Bugs: Auth bypass, directory traversal, smbrelay Exploits: YES Reported: 13.05.2011 Vendor response: 15.05.2011 Date of Public Advisory: 17.06.2012 Author: Alexey Tyurin ERPScan Description A...
SAP NetWeaver BW - XML External Entity
Application: SAP BW Versions Affected: SAP BASIS 6.40/7.02 maybe others Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 13.05.2011 Vendor response: 14.05.2011 Date of Public Advisory: 30.06.2012 Reference: SAP Security Note 1597066 Author: Alexey Tyurin ERPScan...
Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay
It was closed only for relaying to the same host, but it is impossible to close relaying on another host which runs processes at the same account. And also the smbrelay patch did not work on clusters http://dsecrg.blogspot.com/2011/01/passthehash-bible-1-attacking.html...