Free Trial

CVE-2022-31447 : MAGICPIN 3.4 SVG FILE XML EXTERNAL ENTITY REFERENCE

Description

An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file.

References

https://gist.github.com/Mr-Akuma/4f6261007fcfbd96fa2c2d8ad4a5e1ca https://magicpin.in/

For more information

MITRE

Common Vulnerabilityies and Exposures

CVE-2022-31447 : MAGICPIN 3.4 SVG FILE XML EXTERNAL ENTITY REFERENCE
CVE-2022-31447 : MAGICPIN 3.4 SVG FILE XML EXTERNAL ENTITY REFERENCE

Contact us to get started

CVE-2024-20329 : CISCO ASA UP TO 9.19.1.18 EXPRESSION/COMMAND DELIMITERS

CVE-2024-20329 : CISCO ASA UP TO 9.19.1.18 EXPRESSION/COMMAND DELIMITERS

Description A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker

Learn more
CVE-2024-47575 : FONTINET FORTIMANAGER UP TO 7.6.0 REQUEST MISSING AUTHENTICATION

CVE-2024-47575 : FONTINET FORTIMANAGER UP TO 7.6.0 REQUEST MISSING AUTHENTICATION

Description A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0

Learn more
CVE-2024-47901 : SIEMENS INTERMESH 7177 HYBRID 2.0 SUBSCRIBER PRIOR 8.2.12 WEB SERVER OS COMMAND INJECTION

CVE-2024-47901 : SIEMENS INTERMESH 7177 HYBRID 2.0 SUBSCRIBER PRIOR 8.2.12 WEB SERVER OS COMMAND INJECTION

Description A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber

Learn more