CVE-2018-16252

LOW

Fspro Event Log Explorer - XXE

Title source: rule
STIX 2.1

Description

FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.

Exploits (1)

exploitdb WORKING POC
by hyp3rlinx · textwebappswindows
https://www.exploit-db.com/exploits/45319

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/45319/

Scores

CVSS v3 3.3
EPSS 0.0092
EPSS Percentile 76.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-611
Status published
Products (1)
fspro/event_log_explorer 4.6.1.2115
Published Sep 05, 2018
Tracked Since Feb 18, 2026