SSRF Vulnerable Platforms

Reading time: 2 minutes

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Check https://blog.assetnote.io/2021/01/13/blind-ssrf-chains/

  • SugarCRM ≤ 14.0.0 – LESS @import injection in /rest/v10/css/preview enables unauthenticated SSRF & local file read.

Less Code Injection Ssrf

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks