VYPR
High severity7.5OSV Advisory· Published Jun 26, 2018· Updated Jun 17, 2026

CVE-2018-1000515

CVE-2018-1000515

Description

ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server..

Affected products

2
  • Ventrian/News ArticlesOSV2 versions
    v00.09.11+ 1 more
    • (no CPE)range: v00.09.11
    • (no CPE)range: = NewsArticles.00.09.11

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.