Back to directory
WRITEUP #823

Kirby < 3.9.6 XML External Entity (XXE) vulnerability — CVE-2023-38490

XXESecurity code review
by@bastianallgeier(Bastian Allgeier)
Program
Kirby
Published
Sep 6, 2023
Added to HackDex
Sep 7, 2023
Read Full Writeuphttps://www.acceis.fr/kirby-3-9-6-xml-external-entity-xxe-vulnerability-cve-2023-38490/
RELATED WRITEUPS
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
IIS welcome page to source code review to LFI!
SSRFLFI
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program
XXELFI

Built with ❤️ by Shubham Rawat