Introduction During my search for a plugin with the functionality to modify file names after uploading, I came across a particular plugin that seemed promising. As a security enthusiast, I decided ...
CVE-2023-2684: File Renaming on Upload <= 2.5.1 - Authenticated (Admin+) Stored Cross-Site Scripting
CVE-2023-2811: AI ChatBot <= 4.5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting
Introduction WPBot is an easy to use, Native, No coding required, AI ChatBot plugin for WordPress websites. It can be powered by DialogFlow or OpenAI GPT-3 (ChatGPT). Own and Manage your ChatBot f...
CVE-2022-4278: SourceCodester Human Resource Management System employeeadd.php SQL Injection
Introduction Human Resource Management System is a web application that was developed in PHP and MySQL Database. It aims to provide an online automated platform for certain company employees’ to m...
CVE-2022-4229: SourceCodester Book Store Management System 1.0 /bsms_ci/index.php Access Control
Introduction In the realm of cybersecurity, discovering a vulnerability and obtaining a CVE (Common Vulnerabilities and Exposures) entry is a significant achievement. It marks a milestone in an in...
CVE-2022-4228: SourceCodester Book Store Management System 1.0 Password Information Disclosure
A vulnerability classified as problematic has been found in SourceCodester Book Store Management System 1.0. This affects an unknown part of the file /bsms_ci/index.php/user/edit_user/. An Unauthen...
Port Redirection and Tunneling
Port Forwarding Port forwarding is the simplest traffic manipulation technique we will examine in which we redirect traffic destined for one IP address and port to another IP address and port. ...
Active Directory Enumeration & Attacks
Manual Enumeration Basic enumeration Use built-in net.exe application Who are you net user Enumerate all users net user /domain Enumerate all groups net group /domain Use powershell s...
Linux Privilege Escalation
NOTE: It is not always possible to escalate privileges straight to root; we may have to escalate privileges to another non-root user first, then escalate privileges to root. Checklist Reference from PayloadsAllT...
Windows Privilege Escalation
Privilege Escalation Strategy This section is coming straight from Tib3rius Udemy Course. Spend some time and read over the results of your enumeration. If WinPEAS or another tool finds someth...
Mobile Secure Local Storage
When developing iOS or Android apps, there’s a need to store some data locally, such as basic fetch data, usernames, and passwords. However, using standard storage methods like shared preferences o...