ImpressCMS: from unauthenticated SQL injection to RCE

[Egidio Romano <research () karmainsecurity com>]

Hello list,

I'd like to share with you my latest blog post. Hope you may find this 
SQL injection exploitation technique interesting and potentially useful 
for your penetration tests. Enjoy it!

Link: http://karmainsecurity.com/impresscms-from-unauthenticated-sqli-to-rce

Best regards,
/EgiX
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/