10 POSTS · TAG · #ssrf
DATE CAT TITLE TARGET CVSS
2022 · 2
22-11 CVE CVE-2022-45152 - Moodle Blind SSRF in LTI provider library Moodle 4.5 18-07 CVE CVE-2022-35651 - Moodle Stored XSS and blind SSRF possible via SCORM track Moodle 6.1 2021 · 6
07-12 CVE CVE-2020-36474 - Vanilla SSRF Vanilla 9.8 05-12 POST HITCON CTF 2021 Metamon-Verse Writeup HitconCTF 2021 — 20-08 POST Vanilla - SSRF via media scrape API through dns rebinding Vanilla 9.8 22-07 CVE CVE-2021-36396 - Moodle Blind SSRF possible against cURL blocked hosts Moodle 7.5 17-05 POST 3kCTF-2021 - ppaste writeup 3kCTF 2021 — 16-03 CVE CVE-2021-20280 - Moodle Stored XSS and blind SSRF via feedback answer text Moodle 5.4 2020 · 2
31-12 CVE CVE-2020-36474 - safecurl <= 3.3, vanilla forum <= 0.9.2 dns rebind to ssrf safecurl 9.8 25-07 POST 3kCTF-2020 - reporter writeup 3kCTF 2020 —
CONTACT
rekter0
PROFESSIONAL SLOPPER
Application security research. vulnerability disclosure, and the occasional pre-auth RCE chain.
28 CVE 7 EXPLOIT 14 POST