Lucene search
+L

77 matches found

ptsecurity
ptsecurity
added 2023/09/06 12:0 a.m.9 views

PT-2023-27179 · Unknown · Wiremock Studio

Name of the Vulnerable Software and Affected Versions: WireMock Studio affected versions not specified Description: WireMock is a tool for mocking HTTP services. When certain request URLs like "@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an...

10CVSS9.2AI score0.00829EPSS
Exploits1References5
veracode
veracode
added 2018/04/02 7:22 a.m.16 views

Directory Traversal Through XML External Entity (XXE)

wiremock is vulnerable to directory traversal through XML External Entity XXE attacks. The application does not disable DTD during XPATH Evaluation, allowing a malicious user to traverse the directory...

5.3CVSS5.5AI score0.02658EPSS
Exploits0References2Affected Software1
veracode
veracode
added 2018/04/02 6:58 a.m.18 views

Denial Of Service (DoS) Through XML External Entity (XXE) Injection

wiremock is vulnerable to Denial of Service DoS attacks. The application does not disable the downloading of DTDs during XML parsing, allowing a malicious user to inject external entities to consume resources...

9.1CVSS8.9AI score0.01984EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2018/03/29 7:29 a.m.20 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS5.3AI score0.02658EPSS
Exploits0References1
prion
prion
added 2018/03/29 7:29 a.m.17 views

Directory traversal

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5CVSS5.3AI score0.02658EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2018/03/29 7:29 a.m.17 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS9AI score0.01984EPSS
Exploits0References1
attackerkb
attackerkb
added 2018/03/29 7:29 a.m.4 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS5.7AI score0.01984EPSS
Exploits0References3
prion
prion
added 2018/03/29 7:29 a.m.18 views

Xxe

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

6.4CVSS8.9AI score0.01984EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2018/03/29 7:29 a.m.4 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS5.6AI score0.02658EPSS
Exploits0References3
osv
osv
added 2018/03/29 7:29 a.m.11 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3CVSS7AI score
Exploits0References1
osv
osv
added 2018/03/29 7:29 a.m.13 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9.1CVSS7.1AI score
Exploits0References1
cve
cve
added 2018/03/29 7:0 a.m.48 views

CVE-2018-9117

CVE-2018-9117 affects WireMock before 2.16.0, where a remote unauthenticated attacker can access local files outside the application directory by sending a specially crafted XML request, i.e., a Directory Traversal. Root cause described as an XML-based traversal vulnerability; several connected s...

5.3CVSS5.2AI score0.02658EPSS
Exploits0References1Affected Software1
cve
cve
added 2018/03/29 7:0 a.m.47 views

CVE-2018-9116

CVE-2018-9116 is an XXE vulnerability in WireMock prior to 2.16.0. A remote unauthenticated attacker can access local files and internal resources and may cause a Denial of Service by abusing XML External Entity processing. Affected product: WireMock (versions before 2.16.0). Root cause: XML pars...

9.1CVSS8.9AI score0.01984EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2018/03/29 7:0 a.m.19 views

CVE-2018-9116

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service...

9AI score0.01984EPSS
Exploits0References1
cvelist
cvelist
added 2018/03/29 7:0 a.m.16 views

CVE-2018-9117

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal...

5.3AI score0.02658EPSS
Exploits0References1
cnvd
cnvd
added 2018/03/29 12:0 a.m.6 views

WireMock Directory Traversal Vulnerability

WireMock is an open source HTTP-based API simulator . A security vulnerability exists in WireMock versions prior to 2.16.0. A remote attacker could exploit the vulnerability by sending specially crafted XML requests to access local files outside of the application directory...

5.3CVSS6.7AI score0.02658EPSS
Exploits0References1
cnvd
cnvd
added 2018/03/29 12:0 a.m.4 views

WireMock XML External Entity Injection Vulnerability

WireMock is an open source HTTP-based API simulator . An XML external entity vulnerability exists in WireMock versions prior to 2.16.0. A remote attacker could exploit this vulnerability to access local files and internal resources and potentially cause a denial of service...

9.1CVSS6.6AI score0.01984EPSS
Exploits0References1
Rows per page
Query Builder