Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

SSI Injection

POC

Use the below payload to check whether the site is vulnerable to SSI injection or not: <!--#echo var=”DATE_LOCAL” --> <!--#include file="robots.txt"-->

Impact

Medium-High (depends on command execution)

Likelihood

Medium-High (depends on command execution)