Vulnerability Details CVE-2018-16252
FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.0%
CVSS Severity
CVSS v3 Score 3.3
CVSS v2 Score 2.1
References
- http://hyp3rlinx.altervista.org/advisories/FSPRO-LABS-EVENT-LOG-EXPLORER-XML-INJECTION-INFO-DISCLOSURE.txt
- http://packetstormsecurity.com/files/149195/FsPro-Labs-Event-Log-Explorer-4.6.1.2115-XML-Injection.html
- https://www.exploit-db.com/exploits/45319/
- http://hyp3rlinx.altervista.org/advisories/FSPRO-LABS-EVENT-LOG-EXPLORER-XML-INJECTION-INFO-DISCLOSURE.txt
- http://packetstormsecurity.com/files/149195/FsPro-Labs-Event-Log-Explorer-4.6.1.2115-XML-Injection.html
- https://www.exploit-db.com/exploits/45319/
Products affected by CVE-2018-16252
-
cpe:2.3:a:fspro:event_log_explorer:4.6.1.2115