Proof Of Concept Development

Using Docker Security Playground to create unserialize() Object Injection in Yet Another Stars Rating laboratory

Written by Gaetano Perrone - 14 Dec 2020

In previous post I’ve describe how it is possible to use Docker in order to setup a Docker environment to study Yet Another Stars Rating wordpress plugin https://wpscan.com/vulnerability/9207. Here I am going to show you how you can configure a vulnerable environment by using Docker Security Playground . Docker Security Playground installation Install DSP is […]

CVE-2020-2229 JENKINS UP TO 2.251/LTS 2.235.3 TOOLTIP STORED CROSS SITE SCRIPTING

Written by Gaetano Perrone - 11 Dec 2020

In this Post, I show how I have create the Proof Of Concept for CVE-2020-2229 . I found a vulnerable version Jenkins 2.249 during a Penetration Test, I was trying to investigate available exploits for this vulnerability, but I did not find anything. Well, Jenkins is an amazing wonderful project, the best way that I […]

Scroll to top