CVE-2023-30465 - SQL Injection Vulnerability in Apache InLong (Versions 1.4. - 1.5.) Explained with Exploit Example
Recently, a serious security vulnerability was found in Apache InLong, an open-source system for massive data integration. This flaw, tracked as CVE-2023-30465, allows attackers to
CVE-2023-27987 - How Simple Default Tokens in Apache Linkis <=1.3.1 Lead to Easy Exploits (With Example and Fix)
Published: June 2024
Author: [Exclusive Write-up]
Apache Linkis is a popular middleware that connects data applications (like BI, notebooks, and IDEs) with multiple computation engines.
CVE-2023-28625 - Denial-of-Service Vulnerability in mod_auth_openidc – Understanding, Exploitation, and Patch
If your Apache web server uses OpenID Connect with the mod_auth_openidc plugin, it's crucial to be aware of CVE-2023-28625. This vulnerability,
CVE-2022-42948 - Code Execution in Cobalt Strike 4.7.1 UI via Broken HTML Escaping
Cobalt Strike is a popular threat emulation and command-and-control (C2) tool used by both red teams and, unfortunately, cybercriminals. In October 2022, a serious vulnerability
CVE-2023-28708 - How an Apache Tomcat Proxy Setting Could Leak Your Cookies
In 2023, a vulnerability was discovered in popular versions of Apache Tomcat, the Java-based web server and servlet container. The issue—now tracked as CVE-2023-28708—