Menu
  • About
  • Contact Us

Category: Uncategorized

Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities

October 28, 2022
 |  No Comments
 |  Uncategorized

The following software releases have been updated to resolve these specific issues: Junos OS 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, […]

Read More →

Bypass CSP Using WordPress By Abusing Same Origin Method Execution

May 29, 2022
 |  No Comments
 |  Uncategorized

By Paulos Yibelo There are two scenarios found in which CSP can be bypassed if WordPress is hosted on the website […]

Read More →

CVE-2022-24990: TerraMaster TOS unauthenticated remote command execution via PHP Object Instantiation

March 7, 2022
 |  No Comments
 |  Uncategorized

Introduction This report explains how researchers at Octagon Networks were able to chain two interesting vulnerabilities to achieve unauthenticated remote command […]

Read More →

CVE-2022-24948: Apache JSPWiki preauth Stored XSS to ATO

March 2, 2022
 |  No Comments
 |  Uncategorized

Apache JSPWiki is a leading open source Wiki engine, feature-rich and built around standard JEE components (Java, servlets, JSP), according to […]

Read More →

MAMP Server preauth XSS leading to Host Compromise (0day)

January 26, 2022
 |  No Comments
 |  Uncategorized

According to their wiki, MAMP is a solution stack composed of free and open-source and proprietary commercial software used together to […]

Read More →

Recent Posts

  • Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities
  • Bypass CSP Using WordPress By Abusing Same Origin Method Execution
  • CVE-2022-24990: TerraMaster TOS unauthenticated remote command execution via PHP Object Instantiation
  • CVE-2022-24948: Apache JSPWiki preauth Stored XSS to ATO
  • MAMP Server preauth XSS leading to Host Compromise (0day)

Archives

  • October 2022
  • May 2022
  • March 2022
  • January 2022

Categories

  • bug bounty, rce, preauth rce,
  • Uncategorized