Filter by tag: command injection

Drive By RCE Exploit in Pimcore 6.2.0

5 min read 22 Oct 2019 by Robin Peraglie
In this technical blog post we will examine how a drive by exploit in the Pimcore release 6.2.0 allows an attacker to execute OS commands by tricking an authenticated administrator into exploiting a command injection vulnerability.