| External XML Entity via File Upload (SVG) |
|
|
|
| Spilling Local Files via XXE when HTTP OOB fails |
|
|
|
| Exploiting Out Of Band XXE using internal network and php wrappers |
|
|
|
| Swiss_E-Voting_Publications |
|
|
|
| Exploiting XXE with local DTD files |
|
|
|
| XSS to XXE in Prince v10 and below (CVE-2018-19858) |
|
|
|
| An interesting XXE in SAP. |
|
|
|
| SOAP- Based Unauthenticated Out-of-Band XML External Entity (OOB-XXE) in a Help Desk Software |
|
|
|
| XXE in IBM’s MaaS360 Platform |
|
|
|
| XXE at Bol.com |
|
|
|
| CVE-2018-8819 |
|
|
|
| CVE-2016-3473 |
|
|
|
| How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL |
|
|
|
| Multiple vulnerabilities in Oracle EBS |
|
|
|
| From RSS to XXE: feed parsing on Hootsuite |
|
|
|
| 0day writeup: XXE in uber.com |
|
|
|
| Critical LinkedIn vulnerability proactively resolved by Wallarm (XXE in application server) |
|
|
|
| AMF parsing and XXE |
|
|
|
| Compromising an unreachable Solr server with CVE-2013-6397 |
|
|
|
| All your PostgreSQL databases are belong to us |
|
|
|
writeups.xyz
/
XXE