Sometimes they come back: exfiltration through MySQL and CVE-2020-11579
Walkthrough and exploitation of MySQL LOCAL INFILE accompanied by the release of a new open-source tool to exploit similar vulnerabilities.
Exploiting Apache Solr through OpenCMS
Exploiting a known XXE in Apache Solr through OpenCMS handleSolrSelect, to read arbitrary files from the OpenCMS' server.
Nagios XI 5.5.10: XSS to #
Walkthrough of a 1-click root RCE exploit chain in Nagios XI 5.5.10 by polict: XSS, RCE and local privilege escalation in a single URL click.