site:blog.securelayer7.net

Remediation for CVE-2024-20767 and CVE-2024-21216 Potential Exploitable Bugs https://blog.securelayer7.net/coldfusion-path-traversal-and-weblogic-unauthenticated-rce-remediation/ 2 comments 19/11/2024 netsec

Polyfill Supply Chain Attack https://blog.securelayer7.net/polyfill-supply-chain-attack/ 7 comments 8/8/2024 programming

CVE-2024-39877: Apache Airflow Arbitrary Code Execution https://blog.securelayer7.net/arbitrary-code-execution-in-apache-airflow/ 4 comments 5/8/2024 netsec

CVE-2024–23897 – Arbitrary file read in Jenkins https://blog.securelayer7.net/arbitrary-file-read-in-jenkins/ 2 comments 11/3/2024 netsec

Ivanti Connect Secure Under Attack: Uncovering Five Exploitable CVEs - XXE https://blog.securelayer7.net/ivanti-connect-secure-5-cve-vulnerability/ 3 comments 20/2/2024 netsec

Unauthenticated RCE in Adobe Coldfusion – CVE-2023-26360 https://blog.securelayer7.net/unauthorized-rce-in-adobe-coldfusion/ 2 comments 10/1/2024 netsec

Analysis of CVE-2023-38831 Zero-Day vulnerability in WinRAR https://blog.securelayer7.net/analysis-of-cve-2023-38831-zero-day-vulnerability-in-winrar/ 8 comments 25/9/2023 netsec

Easily Exploitable Critical Vulnerability in ProfilePress Plugin of WordPress CVE-2021-34621 https://blog.securelayer7.net/easily-exploitable-critical-vulnerability-in-profilepress-plugin-of-wordpress-cve-2021-34621/ 5 comments 13/9/2021 netsec

Abusing SUDO Advance for Linux Privilege Escalation - RedTeam Tips http://blog.securelayer7.net/abusing-sudo-advance-linux-privilege-escalation/ 7 comments 12/2/2019 netsec

Step by Step Guide to Automating Web Apps Input fuzzing via Burp Macros http://blog.securelayer7.net/automating-web-apps-input-fuzzing-via-burp-macros/ 18 comments 3/9/2017 netsec

Cross-Site Scripting #3 Bad JavaScript Imports Vulnerability http://blog.securelayer7.net/owasp-top-10-cross-site-scripting-3-bad-javascript-imports/ 31 comments 28/8/2017 netsec

YesBank Banking Application Password Reset OTP Bypass Vulnerability http://blog.securelayer7.net/yesbank-banking-application-password-reset-otp-bypass-vulnerability/ 3 comments 26/12/2016 netsec

Everything about the CSV Excel Macro Injection http://blog.securelayer7.net/how-to-perform-csv-excel-macro-injection/ 5 comments 10/9/2016 netsec

MongoDB security – Injection attacks with php http://blog.securelayer7.net/mongodb-security-injection-attacks-with-php/ 21 comments 2/6/2016 netsec