19 matches found
EUVD-2022-4982
Malicious code in bioql PyPI...
[SECURITY] Fedora 40 Update: xmlunit-2.9.0-11.fc40
XMLUnit provides you with the tools to verify the XML you emit is the one you want to create. It provides helpers to validate against an XML Schema, assert the values of XPath queries or compare XML documents against expected outcomes...
XML external entity (XXE) vulnerability in Jenkins
XML external entity (XXE) vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...
CVE-2015-1809
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...
CVE-2015-1809
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...
Xxe
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...
CVE-2015-1809
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query...
CVE-2015-1809
CVE-2015-1809 describes an XML External Entity (XXE) vulnerability in CloudBees Jenkins prior to 1.600 and in LTS releases prior to 1.596.1. The vulnerability arises from Jenkins' XPath/XML handling, allowing a remote attacker with read access to read arbitrary XML files on the Jenkins server. Af...
[SECURITY] Fedora 29 Update: libxmlb-0.1.8-2.fc29
XML is slow to parse and strings inside the document cannot be memory mapped as they do not have a trailing NUL char. The libxmlb library takes XML source, and converts it to a structured binary representation with a deduplicated string table -- where the strings have the NULs included. This...
whiteint.com.au XSS vulnerability
Open Bug Bounty ID: OBB-563303 Description| Value ---|--- Affected Website:| whiteint.com.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
PHIMS - Hospital Management Information System - Password SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage: https://codecanyon.net/item/phims/14974225?srank=1566 Version: All version...
PSNews Website 1.0.0 - Keywords SQL Injection
PSNews Website 1.0.0 - Keywords SQL Injection Exploit Title: PSNews Website Same Backend with Mobile Apps 1.0.0 - 'Keywords' SQL Injection Dork: N/A Date: 2018-02-16 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...
PHIMS - Hospital Management Information System - 'Password' SQL Injection
Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection Dork: N/A Date: 2018-02-16 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/phims/14974225?srank=1566 Version: All version Category: Webapps...
SOA School Management - access_login SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SOA - School Management Software with Integrated Parents/Students Portal & Mobile App - 'accesslogin' SQL Injection Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage:...
Xxe
Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query...
Apache JackRabbit 2.0.0 webapp XPath Injection
No description provided by source. Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description:...
DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities
DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/54733/info DataWatch Monarch Business Intelligence is prone to multiple input validation vulnerabilities. Successful exploits will allow an attacker to manipulate the XPat...
DataWatch Monarch Business Intelligence - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/54733/info DataWatch Monarch Business Intelligence is prone to multiple input validation vulnerabilities. Successful exploits will allow an attacker to manipulate the XPath query logic to carry out unauthorized actions on the XML documents of the...
Apache JackRabbit 2.0.0 - webapp XPath Injection
Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...