AWAE/OSWE

Preparation for coming AWAE Training. Work in progress...

Course syllabus

Atmail Mail Server Appliance: from XSS to RCE (6.4) CVE-2012-2593

ATutor Authentication Bypass and RCE (2.2.1) CVE-2016-2555

ATutor LMS Type Juggling Vulnerability (<=2.2.1) CVE-?

ManageEngine Applications Manager AMUserResourcesSyncServlet SQL Injection RCE CVE-?

Bassmaster NodeJS Arbitrary JavaScript Injection Vulnerability (1.5.1) CVE-2014-7205

DotNetNuke Cookie Deserialization RCE (<9.1.1) CVE-2017-9822