Lucene search
K

11 matches found

Packet Storm
Packet Storm
added 2023/07/03 12:0 a.m.209 views

XEL CMS 1.1 Cross Site Request Forgery

==================================================================================================================================== | Title : XEL cms© v1.1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/21 12:0 a.m.224 views

Backdoor.Win32.Xel Remote Authentication Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3648c68bfe395fb9980ae547d881572c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xel Vulnerability: Remote Authentication Buffer Overflow Description: Xel listens on...

1.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2018/11/18 12:0 a.m.9 views

Microsoft SQL Server Management Studio XXE Injection Information Disclosure (CVE-2018-8527; CVE-2018-8532; CVE-2018-8533)

Multiple information disclosure vulnerabilities exist in Microsoft SQL Server Management Studio. The vulnerabilities are due to a flaw when parsing a malicious XEL/XML/XMLA file containing a reference to an external entity. A remote authenticated attacker could exploit these vulnerabilities by...

4.3CVSS1.4AI score0.23373EPSS
Exploits15
0day.today
0day.today
added 2018/10/11 12:0 a.m.60 views

Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and...

5.8AI score0.23373EPSS
Exploits5
OSV
OSV
added 2018/10/10 1:29 p.m.1 views

CVE-2018-8527

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...

5.5CVSS5.8AI score0.23373EPSS
Exploits5References4
Prion
Prion
added 2018/10/10 1:29 p.m.16 views

Information disclosure

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...

4.3CVSS5.1AI score0.23373EPSS
Exploits15References4Affected Software1
Cvelist
Cvelist
added 2018/10/10 1:0 p.m.21 views

CVE-2018-8527

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...

5.2AI score0.23373EPSS
Exploits5References4
CVE
CVE
added 2018/10/10 1:0 p.m.95 views

CVE-2018-8527

CVE-2018-8527 (and related CVEs 2018-8532/8533) affect Microsoft SQL Server Management Studio (SSMS) 17.9 and 18.0 Preview 4. The root cause is an XML/XEL parsing flaw that allows XML External Entity (XXE) injection via a malicious XEL/XML/XMLA file, leading to information disclosure. Exploitatio...

5.5CVSS5.2AI score0.23373EPSS
Exploits5References4Affected Software1
CNVD
CNVD
added 2018/10/10 12:0 a.m.2 views

Microsoft SQL Server Management Studio Information Disclosure Vulnerability (CNVD-2018-21210)

Microsoft SQL Server Management Studio is an integrated environment for managing multiple SQL infrastructures from Microsoft. The product is mainly used for setting up, monitoring and managing SQL programs. An information disclosure vulnerability exists in Microsoft SQL Server Management Studio...

5.5CVSS5.5AI score0.23373EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
added 2018/10/10 12:0 a.m.27 views

Microsoft SQL Server Management Studio xel File XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

2.6CVSS1.4AI score0.23373EPSS
Exploits5References1
Microsoft CVE
Microsoft CVE
added 2018/10/09 7:0 a.m.43 views

SQL Server Management Studio Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration...

5.5CVSS1.8AI score0.23373EPSS
Exploits5
Rows per page
Query Builder