Back to directory
WRITEUP #5902

Exploitation of Server Side Template Injection with Craft CMS plugin SEOmatic <=3.1.3 [CVE-2018-14716]

OtherSSTI
bySebastian (ha.cker.info)
Program
SEOmatic CMS plugin
Published
Jul 24, 2018
Added to HackDex
Sep 15, 2022
Read Full Writeuphttp://ha.cker.info/exploitation-of-server-side-template-injection-with-craft-cms-plguin-seomatic/
RELATED WRITEUPS
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free

Built with ❤️ by Shubham Rawat