rce
Local File Read to RCE
During a recent engagement against a web application, a known vulnerability, CVE-2020-35340 was exploited to gain remote code execution on the server hosting the application
xxe
Remote compromise: XXE injection on thin client’s web services
During one of our perimeter assessment exercises, we identified and exploited a vulnerability in an in-house developed thin client
cve
CVE-2021-37749 - Hexagon GeoMedia WebMap 2020 Blind SQL Injection
SilentGrid identified a blind SQL injection vulnerability in Hexagon's GeoMedia WebMap 2020 solution