Research
Gibbon v30.0.00: Authenticated SQL Injection and RCE
We go back to school to hunt down some SQL Injection, Local File Inclusion, and DoS in the Gibbon school management software.

Research
Orthanc 1.12.9 User Impersonation
A simple code review can lead to some quick wins if you know where to look. A couple of hours of staring at C++ code led us to a user impersonation vulnerability in Orthanc 1.12.9.

Research, Featured
LiquidFiles Vulnerabilities: From Discovery to Disclosure
Join me on my quest to find some vulnerabilities in the LiquidFiles application! A full walkthrough awaits, detailing the methodology and the findings that made all the effort worthwhile.