Abusing Diaghub
This post is based on this article from google project zero. For more details please read their awesome post, I will just give a brief overview.
This post is based on this article from google project zero. For more details please read their awesome post, I will just give a brief overview.
LimeSurvey is a widely used open source application that allows it to create surveys with various features. For this post I will use LimeSurvey Version 2.72.3+171020 which contains a known vulnerability and use it together with 2 yet unknown vulnerabilities to achieve code execution. The first step of the exploit...