Back to directory
WRITEUP #352

Dangerous Import: SourceForge Patches Critical Code Vulnerability

RCEArbitrary file readSecurity code review
by@scryh_(Stefan Schiller)
Program
SourceForgeApache Allura
Published
Apr 16, 2024
Added to HackDex
May 8, 2024
Read Full Writeuphttps://www.sonarsource.com/blog/dangerous-import-sourceforge-patches-critical-code-vulnerability
RELATED WRITEUPS
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCEArbitrary file read

Built with ❤️ by Shubham Rawat