Back to directory
WRITEUP #249

From a GLPI patch bypass to RCE

RCESQL injectionLFISecurity code review
by@GuilhemRioux(Guilhem Rioux)
Program
GLPI
Published
Jun 20, 2024
Added to HackDex
Aug 4, 2024
Read Full Writeuphttps://sensepost.com/blog/2024/from-a-glpi-patch-bypass-to-rce/
RELATED WRITEUPS
Exploiting authorization by nonce in WordPress plugins
RCEArbitrary file upload
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload
IIS welcome page to source code review to LFI!
SSRFLFI
Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670
SQL InjectionReverse engineering

Built with ❤️ by Shubham Rawat