Nova Experience

web browser

Blind XXE With Out-of-Band Interaction

Introduction: This is our third article on XML injection or XXE vulnerabilities. In this article, we will be solving the Blind XXE with out-of-band interaction lab. Basically, we will be using Burp Suite Collaborator for …

Exploiting XXE to perform SSRF attacks

Introduction: So, we have started the PortSwigger web security series in which we are currently working on server-side vulnerabilities. Today, we are exploring the topic of exploiting XXE to perform SSRF attacks. In this lab, …

Blind XXE with out-of-band interaction via XML parameter entities

Information: Hello guys, today in "Blind XXE with out-of-band interaction via XML parameter entities" we will solve the 4th lab of PortSwigger Web Security. As you know, we are exploring XML or XXE vulnerabilities in …

© 2019-23 ALL RIGHTS RESERVED. NOVA EXPERIENCE