xml

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2017-11-03 Ladon Framework for Python 0.9.40 – XML External Entity Expansion
  • webapps
    		•  RedTeam Pentesting
    2017-10-30 Oracle Java SE – Web Start jnlp XML External Entity Processing Information Disclosure
  • webapps
    		•  mr_me
    2017-10-17 Apache Solr 7.0.1 – XML External Entity Expansion / Remote Code Execution
  • webapps
    		•  Michael Stepankin & Olga Barinova
    2017-08-18 QuantaStor Software Defined Storage < 4.3.1 - Multiple Vulnerabilities
  • webapps
    		•  VVVSecurity
    2017-05-30 Trend Micro Deep Security 6.5 – XML External Entity Injection / Local Privilege Escalation / Remote Code Execution
  • webapps
    		•  SecuriTeam
    2017-05-19 SAP Business One for Android 1.2.3 – XML External Entity Injection
  • webapps
    		•  Ravindra Singh Rathore
    2017-05-17 INFOR EAM 11.0 Build 201410 – Persistent Cross-Site Scripting via Comment Fields
  • webapps
    		•  Yoroi
    2017-05-17 INFOR EAM 11.0 Build 201410 – ‘filtervalue’ SQL Injection
  • webapps
    		•  Yoroi
    2017-05-17 Oracle PeopleSoft – XML External Entity to SYSTEM Remote Code Execution
  • remote
    		•  Ambionics Security
    2017-04-25 Oracle PeopleSoft – ‘PeopleSoftServiceListeningConnector’ XML External Entity via DOCTYPE
  • webapps
    		•  ERPScan
    2017-04-07 Adobe (Multiple Products) – XML Injection File Content Disclosure
  • webapps
    		•  Tess Sluyter
    2017-03-10 WatchGuard XTMv 11.12 Build 516911 – User Management Cross-Site Request Forgery
  • webapps
    		•  KoreLogic
    2017-03-10 FTP Voyager Scheduler 16.2.0 – Cross-Site Request Forgery
  • webapps
    		•  hyp3rlinx
    2017-03-01 Aruba AirWave 8.2.3 – XML External Entity Injection / Cross-Site Scripting
  • webapps
    		•  SEC Consult
    2016-11-22 SAP NetWeaver AS JAVA – ‘BC-BMT-BPM-DSK’ XML External Entity Injection
  • webapps
    		•  ERPScan
    2016-10-20 Oracle BI Publisher 11.1.1.6.0/11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 – XML External Entity Injection
  • webapps
    		•  Jakub Palaczynski
    2016-10-11 RSA Enterprise Compromise Assessment Tool 4.1.0.1 – XML External Entity Injection
  • webapps
    		•  SEC Consult
    2016-07-13 Apache Archiva 1.3.9 – Multiple Cross-Site Request Forgery Vulnerabilities
  • webapps
    		•  Julien Ahrens
    2016-07-08 CyberPower Systems PowerPanel 3.1.2 – XML External Entity Out-Of-Band Data Retrieval
  • webapps
    		•  LiquidWorm
    2016-06-10 Dell OpenManage Server Administrator 8.3 – XML External Entity
  • webapps
    		•  hantwister
    2016-05-19 SAP NetWeaver AS JAVA 7.1 < 7.5 - Information Disclosure
  • webapps
    		•  ERPScan
    2016-05-19 SAP NetWeaver AS JAVA 7.1 < 7.5 - SQL Injection
  • webapps
    		•  ERPScan
    2016-02-10 Wieland wieplan 4.1 – Document Parsing Java Code Execution Using XMLDecoder
  • local
    		•  LiquidWorm
    2016-01-05 Atlassian Confluence 5.2/5.8.14/5.8.15 – Multiple Vulnerabilities
  • webapps
    		•  Sebastian Perez