Gemorroj

2 exploits Active since Jun 2014
CVE-2014-2054 WRITEUP WRITEUP
ownCloud Server < 5.0.15 and 6.0.x < 6.0.2 - XML External Entity Injection via PHPExcel
PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, does not disable external entity loading in libxml, which allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
CVE-2015-5243 WRITEUP CRITICAL WRITEUP
phpwhois < 4.2.2 - Remote Code Execution via Crafted Whois Record
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record.
CVSS 9.8