cve/CVE-2018-8819.md at 43553e9af13bbdba84028635c21659dede3160a7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web server OS via the "X-Wap-Profile" HTTP header.

POC

Reference

http://packetstormsecurity.com/files/148126/WebCTRL-Out-Of-Band-XML-Injection.html
http://seclists.org/fulldisclosure/2018/Jun/21

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/deadcyph3r/Awesome-Collection
https://github.com/lnick2023/nicenice
https://github.com/qazbnm456/awesome-cve-poc
https://github.com/xbl3/awesome-cve-poc_qazbnm456

1.1 KiB Raw Blame History

CVE-2018-8819

Description

POC

Reference

Github

1.1 KiB

Raw Blame History