mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
674 B
674 B
CVE-2018-18737
Description
An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexml_load_string. This can also be used for SSRF.
POC
Reference
- https://github.com/AvaterXXX/douchat/blob/master/xxe.md#xxe
- https://github.com/AvaterXXX/douchat/blob/master/xxe.md#xxe
Github
No PoCs found on GitHub currently.