CVE-2023-22515 - Confluence - Broken Access Control

Late last year this vulnerability led to the compromise of several on-premise installs of Atlassian Confluence. CVE-2023-22515 is scarily simple to exploit and is the result of certain requests sent to the server being trusted if they contained a certain header. With this it was then possible to re-run part…

Tales from the hunt: A "fun" SQL Injection without sqlmap

On the weekend, I came across an interesting SQL injection vulnerability whilst researching on a financing-related website. I expected the website to have vulnerabilities, as I'd earlier found an IDOR that allowed for the read/write of contacts who'd receive emails across accounts, but I…

CVE-2021-21311 - Adminer - SSRF

If you've been around web application penetration testing, it's pretty likely you'll know or have heard about Adminer. Adminer is a very convenient and easy-to-use open-source database management tool; it allows an administrator to connect to the specified DBMS, run queries…

CVE-2024-20767 - Adobe ColdFusion - Improper Access Control

After seeing the recent CVE-2024-20767 relating to Improper Access Control in Adobe ColdFusion, I wanted to better understand how it worked. From my experiences on Synack, ColdFusion is still pretty out there in the wild and often quite out of date. I was unable to find too much information on…

Bug Bounty & Dead Periods

January through March always seems like a very quiet time when hunting with Synack. This is where most of the re-tests occur & the opportunities to find new things are limited, and it becomes a bit scrappy. With that said, this year I've done a bit better than…