[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] ImpressCMS: from unauthenticated SQL injection to RCE

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] ImpressCMS: from unauthenticated SQL injection to RCE
From: Egidio Romano <research@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Mar 2022 15:05:52 +0100

Hello list,

I'd like to share with you my latest blog post. Hope you may find thisSQL injection exploitation technique interesting and potentially usefulfor your penetration tests. Enjoy it!


Link: http://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce

Best regards,
/EgiX
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] ImpressCMS: from unauthenticated SQL injection to RCE
  - From: Egidio Romano

Prev by Date: [FD] [KIS-2022-04] ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability
Next by Date: [FD] The Knights of NYNEX presents: Akhlut prowling terror
Previous by thread: [FD] [KIS-2022-04] ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability
Next by thread: Re: [FD] ImpressCMS: from unauthenticated SQL injection to RCE
Index(es):
- Date
- Thread