-
Recent Posts
- Weaponizing AMSI bypass with PowerShell
- CVE-2019-15305 – CVE-2019-15309 Several Security Vulnerabilities in “Innosoft Einsatzplanung Web” Version 5.2q4
- Exploitation of Server Side Template Injection with Craft CMS plugin SEOmatic <=3.1.3 [CVE-2018-14716]
- Comprehensive data leakage via Google Groups
- Pingsweep with Windows CLI
Tag Archives: exploitdb
Exploitation of Server Side Template Injection with Craft CMS plugin SEOmatic <=3.1.3 [CVE-2018-14716]
During a recent webapplication testing I decided to perform some fuzzing of certain paths within the URI of a CMS and happened to find a potential SSTI (server side template injection) within one of the CMS’ plugins which I then … Continue reading
Posted in Researching, Webapplication security, Write-Up
Tagged bugbounty, bughunting, cve, cve-2018-14716, exploit, exploitation, exploitdb, hacking, information disclosure, security, server side template injection, ssti, vulnerability, webapplication
Comments Off on Exploitation of Server Side Template Injection with Craft CMS plugin SEOmatic <=3.1.3 [CVE-2018-14716]