Sebastian Neef - 0day.work


InfiniteWP Client < 1.9.4.5 - Authentication Bypass

15 January 2020  writeups, cve

I was browsing wpvulndb.com when I stumbled upon the InfiniteWP Client authentication bypass. Being curious, I wanted to reverse engineer the unpublished PoC. Here's my (short) journey. Analysis The

Open Redirects In Improperly Configured mod_rewrite Rules (PoC for CVE-2019-10098?)

29 October 2019  cve, writeups, research

I recently came across the following Apache vulnerability: "mod_rewrite potential open redirect (CVE-2019-10098)", but I couldn't find a proof of concept, so I started playing around with

Proof of Concept for "Wordpress <=5.2.3: viewing unauthenticated posts" (CVE-2019-17671)

20 October 2019  writeups, cve

A couple of days ago WordPress released 5.2.4 with a few security patches. Props to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. caught

Proof of Concept for "Apache Httpd Limited cross-site scripting in mod_proxy error page (CVE-2019-10092)"

19 October 2019  research, cve

A few days ago, I came across the Apache Httpd Security Page and read about an XSS issue in mod_proxy. I couldn't find a Proof-of-Concept right away, so I

CVE-2019-11360: BufferOverflow in iptables-restore v1.8.2

11 July 2019  cve, writeups

This blogpost is about a BufferOverflow vulnerability which I found by fuzzing iptables-restore using AFL in March, 2019. It was fixed by the netfilter team in April 2019 and was

© 2023 Sebastian Neef - 0day.work All rights reserved.
