The vulnerability (CVE-2017-2641) allows an attacker to execute PHP code at the vulnerable Moodle server. This vulnerability actually consists of many small vulnerabilities, as described further in the blog post. Moodle is a very popular learning management system, deployed in many universities around the world, including top institutes such as MIT, Stanford, the University of Cambridge, […]
Before discovering my latest Magento RCE, I’ve found two different vulnerabilities, both resulting in the complete compromise of customer data and/or the server. As they are far less complicated, I’m presenting both of them in this single blog post for your convenience.
The vulnerability (CVE-2016-4010) allows an attacker to execute PHP code at the vulnerable Magento server unauthenticated. This vulnerability actually consists of many small vulnerabilities, as described further in the blog post. Magento is an extremely popular eCommerce platform with a 30% share in the eCommerce market. It is used by major corporations, such as Rosetta Stone, […]
The vulnerability (CVE-2014-1610) allows an unauthenticated attacker to execute code remotely on a vulnerable MediaWiki installation. It requires the DjVu file format in order to be exploited (built in by default). MediaWiki is an open-source web platform used to create and maintain wikis. One of the major sites using the system is Wikipedia.org and alongside the rest […]