Citrix storefront server 7.15 xml external entity injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2019-10-30 |
Type : webapps |
Platform : xml
This exploit / vulnerability Citrix storefront server 7.15 xml external entity injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Citrix StoreFront Server 7.15 - XML External Entity Injection
# Date: 2019-08-28
# Exploit Author: Vahagn Vardanya
# Vendor Homepage:https://www.citrix.com/downloads/storefront/
# Software Link: https://support.citrix.com/article/CTX251988
# Version:
# Citrix StoreFront Server earlier than 1903
# Citrix StoreFront Server 7.15 LTSR earlier than CU4 (3.12.4000)
# Citrix StoreFront Server 7.6 LTSR earlier than CU8 (3.0.8000)#
# Tested on: Windows
# Shodan query https://www.shodan.io/search?query=%2FCitrix%2FStoreWeb