Back to directory
WRITEUP #43

Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670

SQL InjectionReverse engineeringSecurity code review
by@SinSinology(Sina Kheirkhah)
Program
Progress (WhatsUp Gold)
Published
Aug 30, 2024
Added to HackDex
Sep 4, 2024
Read Full Writeuphttps://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670/
RELATED WRITEUPS
Exploiting authorization by nonce in WordPress plugins
RCEArbitrary file upload
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
Spip Preauth RCE 2024: Part 2, A Big Upload
RCEFile upload
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS

Built with ❤️ by Shubham Rawat