xxe-example

there is 1 vulnerability

xxe in index.vuln.js line 12

const Vulnerability1 = (req, res) => {
    if (req.files.products && req.files.products.mimetype=='text/xml'){

		var products = libxmljs.parseXmlString(req.files.products.data.toString('utf8'), {noent:true,noblanks:true})

		products.root().childNodes().forEach( product => {

			var newProduct = new db.Product()

			newProduct.name = product.childNodes()[0].text()

			newProduct.code = product.childNodes()[1].text()

			newProduct.tags = product.childNodes()[2].text()

			newProduct.description = product.childNodes()[3].text()

			newProduct.save()

		})
    }
    res.end('hello world')
}

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
.gitignore		.gitignore
README.md		README.md
index.safe.js		index.safe.js
index.vuln.js		index.vuln.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

xxe-example

there is 1 vulnerability

About

Releases

Packages

Languages

shieldfy-vulnerability-hub/xxe-example

Folders and files

Latest commit

History

Repository files navigation

xxe-example

there is 1 vulnerability

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages