CVE-2018-18737
CVE-2018-18737 describes an XXE in Douchat 4.0.4 caused by Data\notify.php calling simplexml_load_string, which can also enable SSRF. Affected software: Douchat 4.0.4 (no other versions/products specified). Root cause: improper XML parsing via simplexml_load_string leading to external entity proc...