XXE/XML Attack

Malicious DTD

Following snippet can be used to get Local File Inclusion or Remote Command Execution on vulnerable XML.