Ir al contenido
Home
CTFs resueltos
PicoCTF
PicoCTF 2025 writeup
PicoCTF 2024 writeup
PortSwigger Lab Writeups
Menú
Home
CTFs resueltos
PicoCTF
PicoCTF 2025 writeup
PicoCTF 2024 writeup
PortSwigger Lab Writeups
Categoría:
writeups
Exploiting XXE via image file upload
Exploiting XInclude to retrieve files
Exploiting blind XXE to retrieve data via error messages
Exploiting blind XXE to exfiltrate data using a malicious external DTD
Blind XXE with out-of-band interaction via XML parameter entities
Blind XXE with out-of-band interaction
Exploiting XXE to perform SSRF attacks
Exploiting XXE using external entities to retrieve files
Basic server-side template injection (code context)
Basic server-side template injection
←
Anterior
Siguiente
→
