There is no excerpt because this is a protected post.
Category: CVE
How I found 15 CVEs in 3 nights and how YOU can too.
My explanation of how I found 15 CVEs in 3 nights and my tips on how you can too!
CVE-2022-35142, CVE-2022-35143, CVE-2022-35144 – DoS, XSS and Weak Password Policy in Renato a Markdown powered knowledge base
Multiple new CVEs discovered and disclosed! XSS, DoS and a weak password policy!
CVE-2022-34613, CVE-2022-34618, CVE-2022-34619 – Multiple XSS (And more) in Mealie
Multiple new CVEs discovered and disclosed! XSS, file uploads and more!
CVE-2022-34625 – Server-Side Template Injection to Remote Code Execution (SSTI) to (RCE) in Mealie – A lesson in patience
A detailed walkthrough of CVE-2022-34625 aka a Server-Side Template Injection (SSTI) to Remote Code Execution (RCE)
CVE-2022-34009
Denial of Service discovered against Fossil SCM when running on Windows boxes.