mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
899 B
899 B
CVE-2013-6025
Description
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
POC
Reference
- http://www.kb.cert.org/vuls/id/303900
- http://www.kb.cert.org/vuls/id/303900
- https://www.exploit-db.com/exploits/38805/
- https://www.exploit-db.com/exploits/38805/
Github
No PoCs found on GitHub currently.