WSDL - API Security Blog

HP LoadRunner EmulationAdmin Web Service Directory Traversal

Post ContentRead More ...

July 01, 2023

SoapUI 4.6.3 – Remote Code Execution

SoapUI 4.6.3 - Remote Code ExecutionRead More ...

July 01, 2023

CVSS2 - HIGH

SoapUI远程代码执行漏洞

CVE ID: CVE-2014-1202 SoapUI是免费和开放源码的跨平台功能测试解决方案。攻击者可以使恶意的WSDL文件，确定被请求参数中的一个恶意Java代码为默认值。当� ...

July 01, 2023

CVE-2014-1202

The WSDL/WADL import functionality in SoapUI before 4.6.4 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.Read More ...

July 01, 2023

CVSS2 - HIGH

Nortel Contact Recording Centralized Archive 6.5.1 – SQL Injection Exploit

No description provided by source.Read More ...

July 01, 2023

Apache Axis2 Web Services Detection

This host is running Apache Axis2, a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack.Read More ...

July 01, 2023

passageminteligente.com.br XSS vulnerability

##### Vulnerable URL: http://passageminteligente.com.br/wsdl/server.php/1%22%3E%3C/a%3E%3C/div%3E%3Cscript%3Ealert%28%22XSSPOSED%22%29;document.write%28atob%28%27PGlmcmFtZSBzdHlsZT0icG9zaXRpb246Zm ...

July 01, 2023

F5 Networks BIG-IP : SOAP parser vulnerability (SOL15879)

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an e ...

July 01, 2023