Archives for July 2019

Drupal (SA-CORE-2019-008) Wordspaces Extension Access Bypass PoC

Posted: 4 years ago by @pentestit 4724 views
Updated: July 25, 2019 at 5:23 am

Last week, an advisory (SA-CORE-2019-008) addressing a Drupal access bypass vulnerability was made public. MITRE assigned CVE-2019-6342 to this critical vulnerability. This is post to document the steps I took to create a PoC for SA-CORE-2019-008. Last such post on this blog was about Apache JMeter RMI Code Execution PoC (CVE-2018-1297). Read more about Drupal (SA-CORE-2019-008) Wordspaces Extension Access Bypass PoC

UPDATE: OWASP Dependency-Check 5.1.0

Posted: 4 years ago by @pentestit 5274 views

My first post about this open source OWASP project was about an older version. Some days back, a new version was released. This post discusses the changes made to the open source software composition analysis utility in the latest release yesterday. This is the OWASP Dependency-Check 5.1.0, which includes a lot of bug fixes and enhancements. Read more about UPDATE: OWASP Dependency-Check 5.1.0

Drupal (SA-CORE-2019-008) Wordspaces Extension Access Bypass PoC

UPDATE: OWASP Dependency-Check 5.1.0

Featured Post

Acra: Database Protection With Encryption & Intrusion Detection!

Recent

Archives for July 2019

Footer

Featured Post

Recent

Tags