Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
saxon vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2861
Multiple PHP remote file inclusion vulnerabilities in Simple Accessible XHTML Online News (SAXON) 4.6 allow remote malicious users to execute arbitrary PHP code via a URL in the template parameter to (1) news.php, (2) preview.php, or (3) archive-display.php.
Saxon Saxon 4.6
5
CVSSv2
CVE-2007-4861
SAXON 5.4, with display_errors enabled, allows remote malicious users to obtain sensitive information via (1) a direct request for news.php, (2) an invalid use of a newsid array parameter to admin/edit-item.php, and possibly unspecified vectors related to additional scripts in (3...
Quirm Saxon 5.4
4.3
CVSSv2
CVE-2007-4862
Cross-site scripting (XSS) vulnerability in admin/menu.php in SAXON 5.4 allows remote malicious users to inject arbitrary web script or HTML via the config[news_url] parameter.
Quirm Saxon 5.4
1 EDB exploit
6.8
CVSSv2
CVE-2007-4863
SQL injection vulnerability in example.php in SAXON 5.4 allows remote malicious users to execute arbitrary SQL commands via the template parameter.
Quirm Saxon 5.4
1 EDB exploit
6.8
CVSSv2
CVE-2015-0931
Ektron Content Management System (CMS) 8.5 and 8.7 prior to 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote malicious users to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue.
Ektron Ektron Content Management System 8.5.0
Ektron Ektron Content Management System 8.7.0
Ektron Ektron Content Management System 8.9.0
7.5
CVSSv2
CVE-2005-3757
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, su...
Google Mini Search Appliance
Google Search Appliance
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started