Lucene search
K

9 matches found

CNVD
CNVD
added 2022/08/04 12:0 a.m.32 views

IBM DataPower Gateway XML External Entity Injection Vulnerability (CNVD-2022-56970)

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B, and cloud workloads. The platform protects, integrates, and optimizes access across channe...

9.1CVSS2.3AI score0.0115EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/08 12:0 a.m.29 views

Netscaut nGeniusONE XML External Entity Injection Vulnerability

Netscout NgeniusOne is a centralized application and network performance management solution from Netscout, Inc. Netscaut nGeniusONE in version 6.3.0 build 1196 suffers from an XML External Entity Injection vulnerability, which arises from a network system or product that does not have the correc...

6.5CVSS6.6AI score0.00933EPSS
Exploits0References1
Prion
Prion
added 2019/07/23 2:15 p.m.18 views

Xxe

Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...

4CVSS6.2AI score0.01312EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/23 1:52 p.m.23 views

CVE-2019-1010202

Jeesite 1.2.7 is affected by: XML External Entity XXE. The impact is: sensitive information disclosure. The component is: convertToModel function in src/main/java/com.thinkgem.jeesite/modules/act/service/ActProcessService.java. The attack vector is: network connectivity,authenticated,must upload ...

6.3AI score0.01312EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/08/20 7:0 p.m.29 views

CVE-2018-1000651

Stroom version 5.4.5 contains a XML External Entity XXE vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file...

9.2AI score0.01855EPSS
Exploits0References2
NVD
NVD
added 2018/06/26 4:29 p.m.11 views

CVE-2018-1000540

LoboEvolution version 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity XXE vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be...

7.8CVSS7.4AI score0.01217EPSS
Exploits1References1
Prion
Prion
added 2018/06/26 4:29 p.m.12 views

Xxe

LoboEvolution version 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity XXE vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be...

6.8CVSS7.3AI score0.01217EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/03/13 3:29 p.m.23 views

CVE-2018-1000090

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file...

7.8CVSS7.6AI score0.01391EPSS
Exploits1References1
OSV
OSV
added 2018/03/13 3:29 p.m.14 views

CVE-2018-1000090

textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file...

7.5CVSS7.8AI score
Exploits0References1
Rows per page
Query Builder