Filter by tag: sql injection

Backend SQL Injection in BigTree CMS 4.4.6

7 min read 5 Nov 2019 by Robin Peraglie
BigTree is a small content management system which does not depend on many frameworks and advertises itself as user friendly and developer ready. In this blog post, we will take a look at a few vulnerabilities we have detected in the codebase of BigTree.

Drive By RCE Exploit in Pimcore 6.2.0

5 min read 22 Oct 2019 by Robin Peraglie
In this technical blog post we will examine how a drive by exploit in the Pimcore release 6.2.0 allows an attacker to execute OS commands by tricking an authenticated administrator into exploiting a command injection vulnerability.

Breaking Into Your Company's Internal Network - SuiteCRM 7.11.4

15 min read 20 Aug 2019 by Robin Peraglie
SuiteCRM, a customer relationship software, is a great first economic choice as CRM software because it is free and open source. However, in this blog post we will see how a vulnerable web application deployed in the internal network of your company can act as a charming entry gateway for any adversary.

WARNING: Pre-Auth Takeover of OXID eShops

6 min read 29 Jul 2019 by Robin Peraglie
RIPS detected a highly critical vulnerability in the OXID eShop software that allows unauthenticated attackers to takeover an eShop remotely in less than a few seconds - all on default configurations. A second vulnerability in the administration panel can then be exploited to gain remote code execution on the server. We highly recommend to update to the latest version!

dotCMS 5.1.5: Exploiting H2 SQL injection to RCE

6 min read 25 Jun 2019 by Johannes Moritz
In this blog post we will show how to exploit a SQL injection vulnerability (CVE-2019-12872) found by RIPS Code Analysis in the popular java-based content management system dotCMS and how we escalated it to execute code remotely.