High severity7.5OSV Advisory· Published Jun 26, 2018· Updated Jun 17, 2026
CVE-2018-1000515
CVE-2018-1000515
Description
ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server..
Affected products
2v00.09.11+ 1 more
- (no CPE)range: v00.09.11
- (no CPE)range: = NewsArticles.00.09.11
Patches
Vulnerability mechanics
References
1- drive.google.com/drive/folders/1P7djpYX8VQ0oplhOCMFNdKQByCcw2ncUnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.