VulnSpy XML External Entity (XXE) Env

https://github.com/vulnspy/phpaudit-XXE
vulnspy 发布于 2020年04月24日

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

GitHub Source

https://github.com/vulnspy/phpaudit-XXE

Reference

XML External Entity (XXE) Processing - https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing
未知攻焉知防——XXE漏洞攻防- 博客- 腾讯安全应急响应中心 - https://security.tencent.com/index.php/blog/msg/69
What is XML External Entity (XXE)? - https://www.acunetix.com/blog/articles/xml-external-entity-xxe-vulnerabilities/

举报/反馈

发布评论 Admin

进行中...
进行中...
START TO HACK
点击上方按钮启动在线环境
Copyright © 2020 VSPlate
0e13048aa3344a2cb157819cd5fffa36