InfoSec Blog

tags Archives

PoC

Example CVE-2020-11579 exploit run

28/07/2020

Sometimes they come back: exfiltration through MySQL and CVE-2020-11579

Walkthrough and exploitation of MySQL LOCAL INFILE accompanied by the release of a new open-source tool to exploit similar vulnerabilities.

2

Min

Exploiting Apache Solr through OpenCMS

13/04/2019

Exploiting Apache Solr through OpenCMS

Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.

7

Min

Nagios XI 5.5.10 RCE exploit

10/04/2019

Nagios XI 5.5.10: XSS to #

Walkthrough of a 1-click root RCE exploit chain in Nagios XI 5.5.10 by polict: XSS, RCE and local privilege escalation in a single URL click.

5

Min