Writeup:CMS Made Simple < 2.2.10 - SQL Injection;PATH HIJACKING
HackTheBox Beginner’s Guide
HackTheBox Beginner’s Guide
Oopsie
Session hijack with burpsuite to get reverse shell uploaded. setuid used to run cat=/bin/sh in /tmp
Writeup:CMS Made Simple < 2.2.10 - SQL Injection;PATH HIJACKING
HackTheBox Beginner’s Guide
Session hijack with burpsuite to get reverse shell uploaded. setuid used to run cat=/bin/sh in /tmp