Back to directory
WRITEUP #2864

iTop – Template Injection inside customer Portal

RCESSTI
by@MarkusKrell(Markus Krell)
Program
Combodo (iTop)
Published
Mar 21, 2022
Added to HackDex
Oct 24, 2022
Read Full Writeuphttps://markus-krell.de/itop-template-injection-inside-customer-portal/
RELATED WRITEUPS
WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)
RCESSTI
Chaining Three Bugs to Access All Your ServiceNow Data
RCESSTI
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization

Built with ❤️ by Shubham Rawat