CFOR Exploit - Recovering Deleted and Private Github Commits

2024-08-03

https://blog.sorcery.ie/posts/cfor_exploit/ Sorcery Ltd

• #Cfor
• #Github
• #Trufflehog

MyBB Admin Panel RCE CVE-2023-41362

2023-09-11

https://blog.sorcery.ie/posts/mybb_acp_rce/ Sorcery Ltd

• #Mybb
• #Rce
• #Regex
• #CVE-2023-41362
• #Redos

PHPInfo Exposure in MyPrestaModules Modules CVE-2023-39677

2023-09-08

https://blog.sorcery.ie/posts/myprestamodules_phpinfo/ Sorcery Ltd

• #Simpleimportproduct
• #Updateproducts
• #Myprestamodules
• #Prestashop
• #Phpinfo
• #CVE-2023-39677

SQLi in SimpleImportProduct Prestashop Module CVE-2023-39675

2023-09-08

https://blog.sorcery.ie/posts/simpleimportproduct_sqli/ Sorcery Ltd

• #Simpleimportproduct
• #Myprestamodules
• #Prestashop
• #Sqli
• #CVE-2023-39675

XSS in FieldPopupNewsletter Prestashop Module CVE-2023-39676

2023-09-07

https://blog.sorcery.ie/posts/fieldpopupnewsletter_xss/ Sorcery Ltd

• #Fieldpopupnewsletter
• #Fieldthemes
• #Prestashop
• #Xss
• #CVE-2023-39676

SQLi in XIPBlog Prestashop Module CVE-2023-27847

2023-08-03

https://blog.sorcery.ie/posts/xipblog_sqli/ Sorcery Ltd

• #Xipblog
• #Xpert-Idea
• #Prestashop
• #Sqli
• #CVE-2023-27847

HigherLogic Community RCE Vulnerability

2022-02-03

https://blog.sorcery.ie/posts/higherlogic_rce/ Sorcery Ltd

• #Higherlogic
• #Rce
• #Viewstate
• #Vstate
• #Nuclei

Auth Bypass in ADOdb CVE-2021-3850

2022-01-26

https://blog.sorcery.ie/posts/adodb_auth_bypass/ Sorcery Ltd

• #Phppgadmin
• #Adodb
• #CVE-2021-3850
• #Bypass

Proof of Concept for CVE-2021-38314 (Redux Framework)

2021-10-04

https://blog.sorcery.ie/posts/redux_wordpress/ Sorcery Ltd

• #Redux
• #Redux Framework
• #CVE-2021-38314
• #Poc
• #Wordpress

SQLi in SmartBlog CVE-2021-37538

2021-08-21

https://blog.sorcery.ie/posts/smartblog_sqli/ Sorcery Ltd

• #Smartblog
• #Prestashop
• #CVE-2021-37538
• #Sqli