cve/CVE-2016-7999.md at 080c77ded0654f051cb1bc3976c3cd169cb797da

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

765 B

Raw Blame History

CVE-2016-7999

Description

ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.

POC

Reference

http://www.openwall.com/lists/oss-security/2016/10/12/10
https://sysdream.com/news/lab/2016-10-19-spip-3-1-2-server-side-request-forgery-cve-2016-7999/

Github

No PoCs found on GitHub currently.

765 B Raw Blame History

CVE-2016-7999

Description

POC

Reference

Github

765 B

Raw Blame History