CVE-2021-21311 - Adminer - SSRF

If you've been around web application penetration testing, it's pretty likely you'll know or have heard about Adminer. Adminer is a very convenient and easy-to-use open-source database management tool; it allows an administrator to connect to the specified DBMS, run queries…

CVE-2024-20767 - Adobe ColdFusion - Improper Access Control

After seeing the recent CVE-2024-20767 relating to Improper Access Control in Adobe ColdFusion, I wanted to better understand how it worked. From my experiences on Synack, ColdFusion is still pretty out there in the wild and often quite out of date. I was unable to find too much information on…