Hanno's projects: SSRF in rompager-check

Summary The script rompager.php does not restrict which hosts can be requested. Thereby, an attacker can send HTTP requests to localhost and other servers of the same local network segment, on port 80 and 7547. Description In rompager.php, the value of CURLOPTURL is fully controlled: php Port...