CVE-2022-38840

HIGH EXPLOITED NUCLEI

Güralp MAN-EAM-0003 3.2.4 - XXE

Title source: llm

Description

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

Exploits (1)

exploitdb WORKING POC
by Ahmed Alroky · textwebappsxml
https://www.exploit-db.com/exploits/51037

Nuclei Templates (1)

Güralp MAN-EAM-0003 3.2.4 - XML External Entity (XXE)
HIGHVERIFIEDby daffainfo

References (2)

Scores

CVSS v3 7.5
EPSS 0.5376
EPSS Percentile 98.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2025-07-21
CWE
CWE-611
Status published
Products (1)
guralp/man-eam-0003 3.2.4
Published Apr 16, 2023
Tracked Since Feb 18, 2026