what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from kai6u

Relate Learning And Teaching System SSTI / Remote Code Execution

Posted Apr 24, 2024

Authored by kai6u

Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Batch-Issue Exam Tickets function.

tags | exploit, remote, code execution

SHA-256 | fbbdfe373b7e6dd2a583a85798dfb1937651c42dbb791999bca4e6961e2b78e0

Download | Favorite | View

Relate Learning And Teaching System SSTI / Remote Code Execution

Posted Apr 19, 2024

Authored by kai6u

Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the Markup Sandbox function.

tags | exploit, remote, code execution

SHA-256 | dc9ebb411726c774da4987d54d2ba2f224359e747d24c55618c19978e8b73e8a

Download | Favorite | View

Relate Cross Site Scripting

Posted Apr 18, 2024

Authored by kai6u

Relate learning and teaching system versions prior to 2024.1 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 3a5eecac3aca18d20a7a031bd440baad2966d7f4f2e4228a13dd171b4d91f376

Download | Favorite | View

Lektor Static CMS 3.3.10 Arbitrary File Upload / Remote Code Execution

Posted Mar 20, 2024

Authored by kai6u

Lektor Static CMS version 3.3.10 suffers from an arbitrary file upload vulnerability that can be leveraged to achieve remote code execution.

tags | exploit, remote, arbitrary, code execution, file upload

SHA-256 | 12e46eeac4843dfaaf4f61083381648a44692cd6a4aade7ab73a5901f82f2336

Download | Favorite | View