Naveen Sunkavally | writeups.xyz

Title	Vulnerabilities	Programs	Authors
NTLM Credential Theft in Python Windows Applications	SSRF NTLMv2 Hash Disclosure NTLM Security Code Review	Python Hugging Face (Gradio) Werkzeug Jupyter Snowflake (Streamlit)	Naveen Sunkavally
Traccar 5 Remote Code Execution Vulnerabilities	RCE Unrestricted File Upload Path Traversal Security Code Review	Traccar	Naveen Sunkavally
Writeup for CVE-2023-39143: PaperCut WebDAV Vulnerability	WebDAV Path Traversal RCE Security Code Review	PaperCut	Naveen Sunkavally
Apache Superset Part II: RCE, Credential Harvesting and More	RCE Insecure Deserialization URL Validation Bypass Broken Authorization Arbitrary File Read Insufficiently Protected Credentials Default Flask Secret Key Hardcoded Credentials	Apache Superset	Naveen Sunkavally
CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution	RCE Default Flask Secret Key Hardcoded Credentials	Apache Superset	Naveen Sunkavally
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus	XXE SSRF RCE	Zoho	Naveen Sunkavally

Page 1 of 1