Exploitation and mitigation bypasses for the new Drupal 8 RCE (SA-CORE-2019-003, CVE-2019-6340), targeting the REST module.

Few months ago Ambionics Security team had the chance to audit Oracle PeopleSoft solutions. PeopleSoft applications contain a lot of unauthenticated endpoints with several not well documented XXE vulnerabilities. We'll show how you can get a full SYSTEM shell from that.

Ambionics Security team discovered a pre-authentication SQL Injection in TYPO3 News module. This module is the 20th most used module of TYPO3 with almost 60,000 downloads.

While working on the Drupal module Services, the Ambionics Security team discovered a critical remote code execution vulnerability.

Some times ago the Ambionics team encountered a very old instance of Grails which contained a plugin to generate PDFs from Groovy templates. Upon looking for the plugin's source code we discovered an XXE vulnerability.

As a new year comes, it is a good time to review two high impact vulnerabilities that were discovered four years apart, but that are in fact rooted in the same piece of code.