Lucene search
CertccCVELIST:CVE-2015-0923HistoryFeb 14, 2015 - 2:00 a.m.
CVE-2015-0923
2015-02-1402:00:00
certcc
www.cve.org
4
The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1 allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference within an XML document named in the xslt parameter, related to an XML External Entity (XXE) issue.
References
Related
prion
prion
Xxe
2015-02-14 03:01:00
zdt
zdt
Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution Exploit
2017-03-04 00:00:00
metasploit
metasploit
Ektron 8.5, 8.7, 9.0 XSLT Transform Remote Code Execution
2016-10-10 05:21:45
nvd
nvd
CVE-2015-0923
2015-02-14 03:01:17
packetstorm
packetstorm
Ektron 8.5 / 8.7 / 9.0 XSLT Transform Remote Code Execution
2017-03-04 00:00:00
cve
cve
CVE-2015-0923
2015-02-14 03:01:17
cert
cert
Ektron Content Management System (CMS) contains multiple vulnerabilities
2015-02-05 00:00:00