14 min read 11 Jun 2019 by Simon Scannell
10 min read 26 Mar 2019 by Johannes Moritz
LogicalDOC is a global software company offering a popular Java-based document management solution as a community or enterprise edition of the same name. In this blog post we will examine a path traversal vulnerability (CVE-2019-9723) which allows malicious guest users to steal arbitrary documents and files from the server.
17 min read 13 Mar 2019 by Simon Scannell
Last month we released an authenticated remote code execution (RCE) vulnerability in WordPress 5.0. This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution on any WordPress installation prior to version 5.1.1 (CVE-2019-9787).
25 min read 19 Feb 2019 by Simon Scannell
18 min read 29 Jan 2019 by Simon Scannell
A recent Capture-The-Flag tournament hosted by Insomni’hack challenged participants to craft an attack payload for Drupal 7. This blog post will demonstrate our solution for a PHP Object Injection with a complex POP gadget chain.