The exploitation of a vulnerability named Log4Shell (CVE-2021-44228)

Intro

This lab covers the exploitation of a vulnerability in Log4j.

Apache Solr 8.11.0 is running on the target machine which this version of the software is prone to vulnerable log4j package (CVE-2021-44228). The application itself runs on Java 1.8.0_181.

Enum

We can see clear indicators of log4j used for logging activity when we browse Solr Admin Dashboard:

Continue reading “The exploitation of a vulnerability named Log4Shell (CVE-2021-44228)”

CVE-2020-29168: Online Doctor Appointment Booking System PHP and Mysql 1.0 – ‘q’ SQL Injection

An SQL injection vulnerability was discovered in PHP Doctor Appointment System by me on 11/16/2020.

In ‘getuser.php’ file, GET parameter ‘q’ is vulnerable.

The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the product being vulnerable to SQL injection.

Continue reading “CVE-2020-29168: Online Doctor Appointment Booking System PHP and Mysql 1.0 – ‘q’ SQL Injection”