Authenticated Stored XSS in TangoCMS

Posted on Thu 19 March 2015 in Web Hacking • Tagged with web, xss

Demonstrating to possibilities of exploiting an authenticated stored XSS vulnerability


Continue reading

Hacking FoeCMS

Posted on Sun 08 March 2015 in Web Hacking • Tagged with web, sql injection, xss, smtp injection, insecure authentication, remote code exection

A hacking session against the open source FoeCMS where a number of vulnerabilities were found


Continue reading

A Web Hack

Posted on Sun 08 February 2015 in Web Hacking • Tagged with web, sql injection, password cracking, file upload, path disclosure, xss, python

Hacking an old version of BigTree CMS as a Pentester Academy challenge VM


Continue reading

Reflected XSS at PentesterAcademy

Posted on Sat 09 August 2014 in Web Hacking • Tagged with web, xss, pentesteracademy

Solving some cross site scripting challenges at pentester academy


Continue reading

XSS in PNP4Nagios

Posted on Fri 04 July 2014 in Web Hacking • Tagged with web, xss, responsible disclosure

Finding and exploiting cross site scripting vulnerabilities in the Nagios plugin PNP4Nagios


Continue reading