WRITEUP #2053

Second Order XXE Exploitation

Tags: XXE, Arbitrary file read
By: @kuldeepdotexe (Kuldeep Pandya)
Program: -
Published: Oct 19, 2022
Added to HackDex: Oct 21, 2022
Read Full Writeup: https://kuldeep.io/posts/second-order-xxe-exploitation/
RELATED WRITEUPS
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program
XXE, LFI
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCE, Arbitrary file read
3CX Phone System Local Privilege Escalation Vulnerability
Privilege Escalation, Local Privilege Escalation
From Limited file read to full access on Jenkins (CVE-2024-23897)
RCE, Arbitrary file read
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCE, Components with known vulnerabilities
