Back to directory
WRITEUP #2751

EJS, Server side template injection RCE (CVE-2022-29078) - writeup

RCESSTI
by@net_code(Eslam Salem)
Program
ejsNetApp
Published
Apr 23, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://eslam.io/posts/ejs-server-side-template-injection-rce/
RELATED WRITEUPS
WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)
RCESSTI
Chaining Three Bugs to Access All Your ServiceNow Data
RCESSTI
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat