By polict
28/07/2020
Sometimes they come back: exfiltration through MySQL and CVE-2020-11579
Walkthrough and exploitation of MySQL LOCAL INFILE accompanied by the release of a new open-source tool to exploit similar vulnerabilities.
MySQL PoC Exploit PHP
2
Min
By smaury
13/04/2019
Exploiting Apache Solr through OpenCMS
Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.
Exploit PoC Apache Solr XXE Encoding OpenCMS
7
10/04/2019
Nagios XI 5.5.10: XSS to #
Walkthrough of a 1-click root RCE exploit chain in Nagios XI 5.5.10 by polict: XSS, RCE and local privilege escalation in a single URL click.
Exploit RCE PoC NagiosXI PHP
5