Back to directory

WRITEUP #1430

EJS - Server Side Prototype Pollution gadgets to RCE

RCEServer-side prototype pollutionSecurity code review

by@kevin_mizu(Mizu)

Program

Node.js third-party modules (EJS)

Published

Mar 9, 2023

Added to HackDex

Mar 10, 2023

Read Full Writeuphttps://mizu.re/post/ejs-server-side-prototype-pollution-gadgets-to-rce

▸ RELATED WRITEUPS

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Spip Preauth RCE 2024: Part 2, A Big Upload

Back To School - Exploiting A Remote Code Execution Vulnerability In Moodle

RCESecurity code review

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

Traccar 5 Remote Code Execution Vulnerabilities

RCEUnrestricted file upload

Built with ❤️ by Shubham Rawat