Mura/Masa CMS - SQL Injection CVE-2024-32640
A while back the illustrious team over at Project Discovery wrote about the discovery of an SQLi in Masa/Mura CMS . It's a good writeup, so go check it out for the technical…
tag
7 posts
A while back the illustrious team over at Project Discovery wrote about the discovery of an SQLi in Masa/Mura CMS . It's a good writeup, so go check it out for the technical…
PyMedusa is a well known video library manager that many of us self hosted types may use to organize our libraries. I decided to give it a spin one day and found a classic OS…
Let's say you're doing a pentest, and you run across access to AWS Lambda. I recently learned you can get a persistent shell (for 15 minutes, at least) via Lambda, which seemed…
I was given CVE 2021 44255 for this authenticated RCE via a malicious tasks (python pickle) file. So that's fun. Even though it is authenticated, the default username is admin and…
I had Tesla solar panels and Powerwalls installed several weeks ago. I currently don't have permission to operate (PTO) from my electricity provider, which means I can't ship any…
Getting Started with MotionEye MotionEye is an open source, web based GUI for the popular Motion CLI application found on Linux. I've known of the Motion command line app for…
TLDR: Read the code before you install random qbittorent plug ins. qBittorrent has a feature that allows you to install a search plugin to search for torrents on your favorite…