THM Startup Walkthrough
CVE-2021-38699 TastyIgniter 3.0.7 Stored Cross Site Scripting Vulnerability
A Stored Cross Site Scripting Vulnerability exists in multiple pages of TastyIgniter v3.0.7 that allows for arbitrary execution of JavaScript.https://github.com/Justin-1993/CVE-2021-38699 Vulnerable Pages:/account, /reservation, /admin/dashboard, /admin/system_logs Vulnerable Payloads:“><script> alert(1) </script> <script> alert(1) </script> Found by Justin White and Matt Kiely | HuskyHacks, August 2021
Remote code execution via PHP edit
TastyIgniter version 3.0.7 RCE Today I am posting about a exploit I found with the Open Source software TastyIgniter. This affects version 3.0.7. This exploit allowed me a reverse connection from the server this application is hosted on back to my machine. Below will be the steps to reproduce this. Step 1) you will need […]