Sajeeb Lohani (sml555 / prodigysml)
https://raw.githubusercontent.com/xyele/secretx/master/patterns.json
https://github.com/random-robbie/keywords/blob/master/keywords.txt Thanks @xYantix!
# The Issue An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to...
Add in NetForce. https://www.imdb.com/title/tt0158423/ Apparently not a good movie, but worth putting on the list.
### Expected behaviour Validate XML import against a schema ### Actual behaviour Processes the XML bomb provided ### Steps to reproduce Import an XML file with the following content:
# Issue Stored XSS found within the blog creation page. This allows attackers to get arbitrary execution of JavaScript code. # Steps to reproduce 1. Log into a user's account...
Hi! We found some potential security flaws and were wondering whether there was anyone we could talk to on the contributor's team about it. Is there anyone we can talk...
# The Issue SQL Injections are vulnerabilities in which the developer overly trusts user-controlled input. This allows an attacker to perform malicious queries upon the database, which can lead...
# The Issue Local file disclosure is a vulnerability which allows an attacker to disclose the contents of files on the server. An attacker can use this vulnerability to disclose...