11 matches found
XEL CMS 1.1 Cross Site Request Forgery
==================================================================================================================================== | Title : XEL cms© v1.1 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | | Vendor :...
Backdoor.Win32.Xel Remote Authentication Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3648c68bfe395fb9980ae547d881572c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Xel Vulnerability: Remote Authentication Buffer Overflow Description: Xel listens on...
Microsoft SQL Server Management Studio XXE Injection Information Disclosure (CVE-2018-8527; CVE-2018-8532; CVE-2018-8533)
Multiple information disclosure vulnerabilities exist in Microsoft SQL Server Management Studio. The vulnerabilities are due to a flaw when parsing a malicious XEL/XML/XMLA file containing a reference to an external entity. A remote authenticated attacker could exploit these vulnerabilities by...
Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and...
CVE-2018-8527
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...
Information disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...
CVE-2018-8527
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQ...
CVE-2018-8527
CVE-2018-8527 (and related CVEs 2018-8532/8533) affect Microsoft SQL Server Management Studio (SSMS) 17.9 and 18.0 Preview 4. The root cause is an XML/XEL parsing flaw that allows XML External Entity (XXE) injection via a malicious XEL/XML/XMLA file, leading to information disclosure. Exploitatio...
Microsoft SQL Server Management Studio Information Disclosure Vulnerability (CNVD-2018-21210)
Microsoft SQL Server Management Studio is an integrated environment for managing multiple SQL infrastructures from Microsoft. The product is mainly used for setting up, monitoring and managing SQL programs. An information disclosure vulnerability exists in Microsoft SQL Server Management Studio...
Microsoft SQL Server Management Studio xel File XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SQL Server Management Studio Information Disclosure Vulnerability
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XEL file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration...