eval.blog
Tags
Exploit Development
iOS
macOS
Linux
Windows
Android
Reverse Engineering
Static Analysis
Dynamic Analysis
Decompilation
Debugger Techniques
Binary Instrumentation
Programming
C
C++
Rust
Objective-C
Swift
Python
C#
Artificial Intelligence
CTF Writeups
Exploit Development
Research Posts
(1)
Jul 29, 2021
CraftCMS Zero-day Chain: XSS to SSTI triggering RCE
Reported CVE-2021-27902 (XSS) and CVE-2021-27903 (SSTI) that can be chained together to gain Remote Code Execution in CraftCMS.
×
Feature Under Development
This feature or page is currently under development.
Please check back soon!
CraftCMS Zero-day Chain: XSS to SSTI triggering RCEReported CVE-2021-27902 (XSS) and CVE-2021-27903 (SSTI) that can be chained together to gain Remote Code Execution in CraftCMS.