XML injection vulnerabilities and exploits
9
CVSSv2
CVE-2018-16282
A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote malicious users to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.
Moxa Edr-810 Firmware 4.2
9
CVSSv2
CVE-2016-9691
IBM WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all avail...
Ibm Websphere Cast Iron Solution 7.5.0.0
Ibm Websphere Cast Iron Solution 7.0.0
Ibm Websphere Cast Iron Solution 7.5.1.0
Ibm Websphere Cast Iron Solution 7.5.0.1
Ibm Websphere Cast Iron Solution 7.0.0.1
Ibm Websphere Cast Iron Solution 7.0.0.2
9
CVSSv2
CVE-2016-4014
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote malicious users to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.
Sap Netweaver 7.4
1 Github repository
9
CVSSv2
CVE-2011-0373
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System 500 Series
9
CVSSv2
CVE-2011-0374
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System 500 Series
9
CVSSv2
CVE-2011-0375
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System Software 1.6.0
Cisco Telepresence System Software 1.6.2
Cisco Telepresence System Software 1.6.3
Cisco Telepresence System Software 1.6.4
Cisco Telepresence System Software 1.6.5
Cisco Telepresence System Software 1.6.6
Cisco Telepresence System Software 1.6.7
Cisco Telepresence System Software 1.6.8
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
9
CVSSv2
CVE-2010-3585
Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ...
Oracle Vm 2.2.1
1 EDB exploit
9
CVSSv2
CVE-2006-0272
Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a bu...
Oracle Oracle10g Enterprise 10.1.0.4
Oracle Oracle10g Standard 10.1.0.4
Oracle Oracle9i Standard 9.2.0.7
Oracle Oracle10g Personal 10.1.0.4
8.5
CVSSv2
CVE-2016-6111
IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all availab...
Ibm Curam Social Program Management 5.2
Ibm Curam Social Program Management 6.0
Ibm Curam Social Program Management 6.0.0
Ibm Curam Social Program Management 6.0.4.3
Ibm Curam Social Program Management 6.0.4.8
Ibm Curam Social Program Management 6.0.4.2
Ibm Curam Social Program Management 6.0.4.0
Ibm Curam Social Program Management 6.0.4.1
Ibm Curam Social Program Management 6.0.4.7
Ibm Curam Social Program Management 6.0.4.6
Ibm Curam Social Program Management 6.0.4.4
Ibm Curam Social Program Management 6.0.4.5
Ibm Curam Social Program Management 6.0.5.8
Ibm Curam Social Program Management 6.0.5.9
Ibm Curam Social Program Management 6.0.5.7
Ibm Curam Social Program Management 6.0.5.6
Ibm Curam Social Program Management 6.0.5
Ibm Curam Social Program Management 6.0.5.0
Ibm Curam Social Program Management 6.0.5.3
Ibm Curam Social Program Management 6.0.5.2
Ibm Curam Social Program Management 6.0.5.4
Ibm Curam Social Program Management 6.0.5.5
8.5
CVSSv2
CVE-2016-9706
IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive informatio...
Ibm Websphere Message Broker 8.0
Ibm Integration Bus 10.0
Ibm Integration Bus 9.0