| [P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) |
|
|
|
| The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022 |
|
|
|
| Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) |
|
|
|
| SharePoint Webpart Property Traversal Vulnerability Analysis (CVE-2022–38053, CVE-2023–21742, CVE-2023–21717) |
|
|
|
| Gitlab Project Import RCE Analysis (CVE-2022-2185) |
|
|
|
| Miracle - One Vulnerability To Rule Them All |
|
|
|
| New Wine in Old Bottle - Microsoft Sharepoint Post-Auth Deserialization RCE (CVE-2022-29108) |
|
|
|
| Oracle Access Manager Pre-Auth RCE (CVE-2021–35587 Analysis) |
|
|
|
| Weblogic RCE by only one GET request — CVE-2020–14882 Analysis |
|
|
|
writeups.xyz
/
Nguyễn Tiến Giang (@Testanull)