> CVE's

13 grudnia, 2025
[CVE-2018-12613] phpMyAdmin 4.8.x < 4.8.2 - Rooting a Clinic in Under 2 Hours (Session Poisoning & Lateral Movement)
CVECybersecurityExploitsPHPphpMyAdmin
The Scenario: I had exactly 2 hours to compromise a machine in a volatile environment where IP addresses rotated unexpectedly. This wasn’t just a CTF; it was a race against the clock that required...
13 grudnia, 2025
[CVE-2021-45010] - Tiny File Manager 2.4.3 - Big Security Hole: From Default Creds to RCE
CVECybersecurityExploitsPHPTFM
Sometimes, the most dangerous vulnerability isn’t a complex buffer overflow or a zero-day exploit. Sometimes, it’s just a lazy configuration. In this challenge, I targeted a server running...
13 grudnia, 2025
[CVE-2021-41773] - Breaking Apache 2.4.49 (The Path Traversal Nightmare)
ApacheCybersecurityExploitsHTTPServer
In the world of web security, some version numbers act like neon signs saying „HACK ME”. Today’s target, an internal intranet server, was hiding behind one of those specific versions. Here...