XXE in PHPSpreadsheet encoding is returned

Summary Bypassing the filter allows a XXE-attack. Which is turn allows attacker to obtain contents of local files, even if error reporting muted by @ symbol. LFI-attack Details Check $pattern = '/encoding=".?"/'; easy to bypass. Just use a single quote symbol '. So payload looks like this:...

GHSA-GHG6-32F9-2JP7 XXE in PHPSpreadsheet encoding is returned

Summary Bypassing the filter allows a XXE-attack. Which is turn allows attacker to obtain contents of local files, even if error reporting muted by @ symbol. LFI-attack Details Check $pattern = '/encoding=".?"/'; easy to bypass. Just use a single quote symbol '. So payload looks like this:...

parisneo/lollms Local File Inclusion (LFI) attack

parisneo/lollms version 9.5 is vulnerable to Local File Inclusion LFI attacks due to insufficient path sanitization. The sanitizepathfromendpoint function fails to properly sanitize Windows-style paths backward slash , allowing attackers to perform directory traversal attacks on Windows systems...

Code injection

The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode...

Code injection

The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks...

ND Shortcodes < 7.0 - Subscriber+ LFI

The plugin does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks PoC Run the below command in the developer console of the web browser while being on the blog as a...

CVE-2023-1124

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks...

PHP Remote File Inclusion in tsolucio/corebos

Description An attacker can use Local File Inclusion LFI to trick the web application into exposing or running files on the web server. An LFI attack may lead to information disclosure, remote code execution, or even Cross-site Scripting XSS. Proof of Concept // PoC.js Link --...

Cross site request forgery (csrf)

PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges including administrator. A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local...

Python JSON Fuzzer: PyJFuzz

Python JSON Fuzzer PyJFuzz is a small, extensible and ready-to-use framework used to fuzz JSON inputs , such as mobile endpoint REST API, JSON implementation, Browsers, cli executable and much more. Dependencies In order to work PyJFuzz need a single dependency, bottle , you can install it from...

Pepsi CMS (Irmin cms) pepsi-0.6-BETA2 - Multiple Local File

Pepsi CMS Irmin cms pepsi-0.6-BETA2 - Multiple Local File Pepsi CMS Irmin cms pepsi-0.6-BETA2 Multiple Local File Vulnerability fucking the Web Apps LFI 1 - attack edition /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /...