Submit #780180: SourceCodester RSS Feed Parser Using PHP and JavaScript N/A Server-Side Request Forgeryinfo

TitleSourceCodester RSS Feed Parser Using PHP and JavaScript N/A Server-Side Request Forgery
DescriptionA Blind Server-Side Request Forgery (SSRF) vulnerability exists in the RSS Feed Parser Using PHP and JavaScript project by SourceCodester. The application accepts a user supplied RSS feed URL and fetches the resource using file_get_contents() without proper validation. An attacker can supply a malicious URL which forces the server to perform requests to attacker-controlled resources or internal services.
Source⚠️ https://medium.com/@hemantrajbhati5555/discovering-a-blind-ssrf-vulnerability-in-a-php-rss-feed-parser-243f3ccbdafb
User
 Hemant Raj Bhati (UID 95613)
Submission03/14/2026 11:29 (16 days ago)
Moderation03/30/2026 10:01 (16 days later)
StatusAccepted
VulDB entry354158 [SourceCodester RSS Feed Parser 1.0 file_get_contents server-side request forgery]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!