Total
114 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28770 | 2026-03-05 | N/A | N/A | ||
|
Improper neutralization of special elements in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management Interface version 101 allows for XML Injection. The application reflects un-sanitized user input from the `file` parameter directly into a CDATA block, allowing an authenticated attacker to break out of the tags and inject arbitrary XML elements. An actor is confirmed to be able to turn this into an reflected ...
Show More |
|||||
| CVE-2026-1554 | 1 Jtenman | 1 Central Authentication System Server | 2026-02-11 | N/A | 4.2 MEDIUM |
|
XML Injection (aka Blind XPath Injection) vulnerability in Drupal Central Authentication System (CAS) Server allows Privilege Escalation.This issue affects Central Authentication System (CAS) Server: from 0.0.0 before 2.0.3, from 2.1.0 before 2.1.2.
|
|||||
| CVE-2022-50902 | 2026-01-14 | N/A | 8.4 HIGH | ||
|
Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious code that would run with LocalSystem permissions during service startup.
|
|||||
| CVE-2025-1545 | 1 Watchguard | 34 Firebox M270, Firebox M290, Firebox M370 and 31 more | 2025-12-10 | N/A | 7.5 HIGH |
|
An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only affects Firebox systems that have at least one authentication hotspot configured.This issue affects Fireware OS 11.11 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and in ...
Show More |
|||||
| CVE-2025-66034 | 1 Fonttools | 1 Fonttools | 2025-12-03 | N/A | 6.3 MEDIUM |
|
fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.
|
|||||
| CVE-2025-12921 | 1 Openclinica | 1 Openclinica | 2025-12-02 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability has been found in OpenClinica Community Edition up to 3.12.2/3.13. Affected by this issue is some unknown functionality of the file /ImportCRFData?action=confirm of the component CRF Data Import. Such manipulation of the argument xml_file leads to xml injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2025-24404 | 1 Apache | 1 Hertzbeat | 2025-11-04 | N/A | 8.8 HIGH |
|
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.
The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
|
|||||
| CVE-2020-0646 | 1 Microsoft | 15 .net Framework, Windows 10 1507, Windows 10 1607 and 12 more | 2025-10-29 | 10.0 HIGH | 9.8 CRITICAL |
|
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
|
|||||
| CVE-2025-7473 | 1 Zohocorp | 1 Manageengine Endpoint Central | 2025-10-23 | N/A | 5.2 MEDIUM |
|
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.
|
|||||
| CVE-2025-60833 | 1 Ghostxbh | 1 Uzy-ssm-mall | 2025-10-10 | N/A | 6.5 MEDIUM |
|
An XML External Entity (XXE) vulnerability in the /mall/wxpay/pay component of uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying crafted XML data.
|
|||||
| CVE-2025-54251 | 1 Adobe | 1 Experience Manager | 2025-10-02 | N/A | 4.3 MEDIUM |
|
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access.
|
|||||
| CVE-2025-47184 | 2025-09-11 | N/A | 5.3 MEDIUM | ||
|
An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 before 6.4.0 P20, 7.0.1 P12, and 7.2.0 P08 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message.
|
|||||
| CVE-2025-9375 | 2025-09-08 | N/A | N/A | ||
|
XML Injection vulnerability in xmltodict allows Input Data Manipulation.
This issue affects xmltodict: from 0.14.2 before 0.15.1.
|
|||||
| CVE-2022-25356 | 1 Altn | 1 Securitygateway | 2025-09-05 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.
|
|||||
| CVE-2024-47113 | 1 Ibm | 1 Voice Gateway | 2025-08-18 | N/A | 8.1 HIGH |
|
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker to view or modify information in the XML document.
|
|||||
| CVE-2023-32173 | 1 Unified-automation | 1 Uagateway | 2025-08-08 | N/A | 5.8 MEDIUM |
|
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability when the product is in its default configuration.
The specific flaw exists within the implementation of the AddServer method. By specifying crafted arguments, an attacker can cause invalid characters to be inserted ...
Show More |
|||||
| CVE-2023-27328 | 1 Parallels | 1 Parallels Desktop | 2025-08-06 | N/A | 7.8 HIGH |
|
Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.
The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied string before using it to construct ...
Show More |
|||||
| CVE-2025-49538 | 1 Adobe | 1 Coldfusion | 2025-07-11 | N/A | 7.4 HIGH |
|
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An attacker can exploit this issue by injecting crafted XML or XPath queries to access unauthorized files or lead to denial of service. Exploitation of this issue does not require user interaction, and attack must have access to shared secrets.
|
|||||
| CVE-2023-35858 | 1 Moderncampus | 1 Omni Cms | 2025-06-18 | N/A | 5.3 MEDIUM |
|
XPath Injection vulnerabilities in the blog and RSS functions of Modern Campus - Omni CMS 2023.1 allow a remote, unauthenticated attacker to obtain application information.
|
|||||
| CVE-2022-35259 | 1 Ivanti | 1 Endpoint Manager | 2025-04-24 | N/A | 7.8 HIGH |
|
XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.
|
|||||
| CVE-2017-2171 | 1 Bestwebsoft | 51 Captcha, Car Rental, Contact Form and 48 more | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to version 1.3.2, Custom Search prior to version 1.36, Donate prior to version 2.1.1, Email Queue prior to version 1.1.2, Error Log Viewer prior to version 1.0.6, Facebook Button prior to version 2.54, F ...
Show More |
|||||
| CVE-2016-5697 | 1 Onelogin | 1 Ruby-saml | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
Ruby-saml before 1.3.0 allows attackers to perform XML signature wrapping attacks via unspecified vectors.
|
|||||
| CVE-2017-5654 | 1 Apache | 1 Ambari | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
|
|||||
| CVE-2017-10603 | 1 Juniper | 1 Junos | 2025-04-20 | 7.2 HIGH | 7.0 HIGH |
|
An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15.1 prior to 15.1R3. Junos versions prior to 15.1 are not affected. No other Juniper Networks products or platforms are affected by this issue.
|
|||||
| CVE-2015-3931 | 1 Microsec | 1 E-szigno | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsec e-Szigno before 3.2.7.12 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object.
|
|||||
| CVE-2015-3932 | 1 Netlock | 1 Mokka | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object.
|
|||||
| CVE-2013-7429 | 1 Mapsplugin | 1 Googlemaps | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to conduct XML injection attacks via the url parameter to plugin_googlemap2_proxy.php.
|
|||||
| CVE-2024-33858 | 1 Logpoint | 1 Siem | 2025-04-18 | N/A | 5.3 MEDIUM |
|
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The source_name parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory.
|
|||||
| CVE-2021-4140 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-16 | N/A | 10.0 CRITICAL |
|
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.
|
|||||
| CVE-2016-2932 | 1 Ibm | 1 Bigfix Remote Control | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
|
IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors.
|
|||||
| CVE-2013-4221 | 1 Restlet | 1 Restlet | 2025-04-11 | 7.5 HIGH | N/A |
|
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arbitrary Java code via crafted XML.
|
|||||
| CVE-2008-5024 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
|
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.
|
|||||
| CVE-2024-25413 | 1 Firebearstudio | 1 Improved Import \& Export | 2025-03-26 | N/A | 7.2 HIGH |
|
A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved Import And Export v3.8.6 allows attackers to execute arbitrary commands via a crafted XSLT file.
|
|||||
| CVE-2025-25589 | 2025-03-21 | N/A | 8.1 HIGH | ||
|
An XML external entity (XXE) injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file.
|
|||||
| CVE-2022-46751 | 1 Apache | 1 Ivy | 2025-02-13 | N/A | 8.2 HIGH |
|
Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2.
When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used.
This can be used to exfiltrate data, access resou ...
Show More |
|||||
| CVE-2022-27233 | 1 Intel | 1 Quartus Prime | 2025-02-05 | N/A | 6.5 MEDIUM |
|
XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.
|
|||||
| CVE-2024-2645 | 1 Netentsec | 1 Application Security Gateway | 2025-01-30 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /vpnweb/resetpwd/resetpwd.php. The manipulation of the argument UserId leads to improper neutralization of data within xpath expressions. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257283. NOTE: The vendor was contacted early ...
Show More |
|||||
| CVE-2024-2648 | 1 Netentsec | 1 Application Security Gateway | 2025-01-30 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257286 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early abou ...
Show More |
|||||
| CVE-2019-25137 | 1 Umbraco | 1 Umbraco Cms | 2025-01-22 | N/A | 7.2 HIGH |
|
Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx.
|
|||||
| CVE-2024-13190 | 2025-01-08 | 6.5 MEDIUM | 6.3 MEDIUM | ||
|
A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument findBlogList/getTotalBlogs leads to xml injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||