Prizm Content Connect v10.5.1030.8315 – XXE

  • 作者: xhzeem
    日期: 2023-04-01
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/51185/
  • # Exploit Title: Prizm Content Connect v10.5.1030.8315 - XXE
# Date: 21/12/2022
# Exploit Author: @xhzeem
# Vendor Homepage:
https://help.accusoft.com/PCC/v9.0/HTML/About%20Prizm%20Content%20Connect.html
# Version: v10.5.1030.8315

The Prizm Content Connect v10.5.1030.8315 is vulnerable to XXE

Proof Of Concept:

http://www.example.com/default.aspx?document=file.xml

The file.xml can have an OoB XXE payload or any other blind XXE exploit.