WRITEUP #3214

NodeBB 1.18.4 - Remote Code Execution With One Shot

RCE, XSS, Authentication bypass, Arbitrary file read
by @SonarSource (Sonar)
Bounty: 1,536
Program: NodeBB
Published: Nov 30, 2021
Added to HackDex: Sep 15, 2022
Read Full Writeup: https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot
RELATED WRITEUPS
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCE, Confusion attack
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCE, Components with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCE, Components with known vulnerabilities
Vulnerabilities in Open Source C2 Frameworks
RCE, OS command injection
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCE, Arbitrary file read
