cve/CVE-2018-16794.md at 43553e9af13bbdba84028635c21659dede3160a7

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 8654f5abb7 Update CVE sources 2024-08-11 18:44

2024-08-11 18:44:53 +00:00

1.0 KiB

Raw Blame History

CVE-2018-16794

Description

Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.

POC

Reference

http://packetstormsecurity.com/files/149376/Microsoft-ADFS-4.0-Windows-Server-2016-Server-Side-Request-Forgery.html
http://seclists.org/fulldisclosure/2018/Sep/13
https://seclists.org/bugtraq/2018/Sep/26

Github

https://github.com/0dayhunter/Facebook-BugBounty-Writeups
https://github.com/Jester0x01/Facebook-Bug-Bounty-Writeups
https://github.com/Krishnathakur063/Facebook-BugBounty-Writeup
https://github.com/bikramsah/Meta--BugBounty-Writeups
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups

1.0 KiB Raw Blame History

CVE-2018-16794

Description

POC

Reference

Github

1.0 KiB

Raw Blame History