| शीर्षक | SourceCodester RSS Feed Parser Using PHP and JavaScript N/A Server-Side Request Forgery |
|---|
| विवरण | A Blind Server-Side Request Forgery (SSRF) vulnerability exists in the RSS Feed Parser Using PHP and JavaScript project by SourceCodester. The application accepts a user supplied RSS feed URL and fetches the resource using file_get_contents() without proper validation.
An attacker can supply a malicious URL which forces the server to perform requests to attacker-controlled resources or internal services. |
|---|
| स्रोत | ⚠️ https://medium.com/@hemantrajbhati5555/discovering-a-blind-ssrf-vulnerability-in-a-php-rss-feed-parser-243f3ccbdafb |
|---|
| उपयोगकर्ता | Hemant Raj Bhati (UID 95613) |
|---|
| सबमिशन | 14/03/2026 11:29 AM (4 महीनों पहले) |
|---|
| संयम | 30/03/2026 10:01 AM (16 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 354158 [SourceCodester RSS Feed Parser 1.0 file_get_contents अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|