Authenticated Stored XSS in TangoCMS

Posted on Thu 19 March 2015 in Web Hacking • Tagged with web, xss

Demonstrating the possibilities of exploiting an authenticated stored XSS vulnerability


Continue reading

CSRF In BigTree CMS

Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, csrf, responsible disclosure

A cross site request forgery vulnerability that existed in BigTree CMS version <= 1.4.5


Continue reading

Hacking FoeCMS

Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, sql injection, xss, smtp injection, insecure authentication, remote code execution

A hacking session against the open source FoeCMS where a number of vulnerabilities were found


Continue reading

A Web Hack

Posted on Sun 08 February 2015 in Web Hacking • Tagged with web, sql injection, password cracking, file upload, path disclosure, xss, python

Hacking an old version of BigTree CMS as a Pentester Academy challenge VM


Continue reading

SQL Injections

Posted on Tue 02 December 2014 in Web Hacking • Tagged with web, sql injection, python

A walkthrough of some reasonably advanced SQL injection techniques and exploitation


Continue reading

Reflected XSS at PentesterAcademy

Posted on Sat 09 August 2014 in Web Hacking • Tagged with web, xss, pentesteracademy

Solving some cross site scripting challenges at Pentester Academy


Continue reading

XSS in PNP4Nagios

Posted on Fri 04 July 2014 in Web Hacking • Tagged with web, xss, responsible disclosure

Finding and exploiting cross site scripting vulnerabilities in the Nagios plugin PNP4Nagios


Continue reading

Command Injection in Basilic

Posted on Mon 02 June 2014 in Web Hacking • Tagged with web, command injection

Finding and exploiting a command injection vulnerability in the open source Basilic


Continue reading