漏洞描述
VISAM VBASE Automation Base中存在外部实体注入漏洞。该漏洞是由于解析ProjektInfo.xml文件时未对XML数据进行充分验证造成的。
VISAM VBASE Automation Base ProjektInfo File Parsing 外部实体注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-11253: Kubernetes API Server - YAML Parsing DoS (Billion Laughs)
- Ksenia Security Lares 4.0 Home Automation 安全漏洞
- POC CVE-2021-41291: ECOA Building Automation System - Directory Traversal Content Disclosure
- POC CVE-2021-41293: ECOA Building Automation System - Arbitrary File Retrieval
- POC CVE-2022-22972: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
- POC CVE-2022-26833: Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
- POC CVE-2024-6922: Automation Anywhere Automation 360 - Server-Side Request Forgery
- POC CVE-2024-9186: Automation By Autonami < 3.3.0 - SQL Injection
- POC CVE-2025-1562: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control
- POC CVE-2025-3102: SureTriggers – All-in-One Automation Platform ≤ 1.0.78 - Authentication Bypass
- POC CVE-2021-28164: Jetty Authorization Before Parsing and Canonicalization
- POC CVE-2020-21998: HomeAutomation 3.3.2 - Open Redirect
- POC tcpconfig: Rockwell Automation TCP/IP Configuration Information - Detect